Ibm Filenet Content Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Filenet Content Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2021-38965 — CVSS 8.8 (high): IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system…
CVE-2020-4759 — CVSS 7.8 (high): IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands…
CVE-2018-1542 — CVSS 7.1 (high): IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE)…
CVE-2018-1844 — CVSS 7.1 (high): IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A…
CVE-2010-3320 — CVSS 6.8 (medium): Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to…
CVE-2023-47716 — CVSS 6.3 (medium): IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user…
CVE-2018-1555 — CVSS 5.4 (medium): IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1556 — CVSS 5.4 (medium): IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4447 — CVSS 5.4 (medium): IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2023-38366 — CVSS 5.3 (medium): IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote attacker to traverse directories on the system…
CVE-2010-3318 — CVSS 5.0 (medium): IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive…
CVE-2010-3319 — CVSS 5.0 (medium): IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain…
CVE-2023-35905 — CVSS 4.6 (medium): IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2009-1953 — CVSS 4.6 (medium): IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSphere Application Server (WAS) and Oracle BEA WebLogic Application…
CVE-2019-4572 — CVSS 4.4 (medium): IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations, could log the web service user credentials into a log file that…
CVE-2013-5449 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Eclipse Help System (IEHS), as used in the installable InfoCenter…
CVE-2010-2896 — CVSS 4.3 (medium): IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting…
CVE-2010-3317 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject…
CVE-2013-6746 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet…
CVE-2014-4763 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before…