| |
Vulnerability CVE-2010-4806
Published: 2011-05-26 Modified: 2012-02-13
| Description: |
The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote authenticated users to bypass intended access restrictions on draft creation by leveraging certain resource editor privileges. |
Type:
CWE-264 (Permissions, Privileges, and Access Controls)
CVSS2 => (AV:N/AC:L/Au:S/C:N/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4/10 |
2.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
http://www.ibm.com/support/docview.wss?uid=swg24029452
http://www-01.ibm.com/support/docview.wss?uid=swg1PM26755
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
