DescriptionThe Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)


NOT-FOR-US: IBM FileNet P8 Application Engine

Search for package or bug name: Reporting problems