NVD

Id
22673  
Name
CVE-2015-0146  
Description
IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which allows local users to bypass intended document-access restrictions and obtain sensitive information via a crafted search query.  
Reject
 
CVSS Version
2  
CVSS Score
2.1  
Severity
Low  
CVSS Base Score
2.1  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2015-03-18  
Modified Date
2015-03-18  
Seq
2015-0146  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
119848 22673 CVE-2015-0146 http://www-01.ibm.com/support/docview.wss?uid=swg21696594  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6527 JVNDB-2015-001847 電子メール用 IBM Content Collector におけるドキュメントへのアクセス制限を回避される脆弱性 電子メール用 IBM Content Collector は、IBM Content Search Services の IBM FileNet P8 システムの検索中に不特定のクエリオペレータを適切に処理しないため、ドキュメントへのアクセス制限を回避され、重要な情報を取得される脆弱性が存在します。 CVE-2015-0146 77357 CVE-2015-0146 22673 2.1 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001847.html 2015-02-13 2015-03-19 View