CVE-2010-2518 - OpenCVE

Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Ibm	P8 Content Engine Filenet P8 Business Process Manager Filenet P8 Content Manager P8 Content Search Engine

Configuration 1 [-]

AND

OR	cpe:2.3:a:ibm:p8_content_engine:4.5.1:::::::*
	cpe:2.3:a:ibm:p8_content_engine:4.5.1.1:::::::*
	cpe:2.3:a:ibm:p8_content_engine:4.5.1.2:::::::*

OR	cpe:2.3:a:ibm:filenet_p8_business_process_manager::::::::
	cpe:2.3:a:ibm:filenet_p8_content_manager::::::::

Configuration 2 [-]

AND

OR	cpe:2.3:a:ibm:filenet_p8_business_process_manager::::::::
	cpe:2.3:a:ibm:filenet_p8_content_manager::::::::

OR	cpe:2.3:a:ibm:p8_content_search_engine:4.5.0:::::::*
	cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.1:::::::*
	cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.2:::::::*
	cpe:2.3:a:ibm:p8_content_search_engine:4.5.1:::::::*

References

Link	Resource
http://secunia.com/advisories/40413	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21438487	Vendor Advisory
http://www.osvdb.org/65804
http://www.securityfocus.com/bid/41177
http://www.vupen.com/english/advisories/2010/1616	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/59792

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2010-06-30T18:00:00

Updated: 2017-08-16T14:57:01

Reserved: 2010-06-30T00:00:00

Link: CVE-2010-2518

JSON object: View

NVD Information

Status : Modified

Published: 2010-06-30T18:30:01.910

Modified: 2017-08-17T01:32:44.773

Link: CVE-2010-2518

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-06-27T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "65804", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/65804"}, {"name": "40413", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40413"}, {"name": "filenet-cse-security-bypass(59792)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59792"}, {"name": "41177", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/41177"}, {"name": "ADV-2010-1616", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1616"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2518", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "65804", "refsource": "OSVDB", "url": "http://www.osvdb.org/65804"}, {"name": "40413", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40413"}, {"name": "filenet-cse-security-bypass(59792)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59792"}, {"name": "41177", "refsource": "BID", "url": "http://www.securityfocus.com/bid/41177"}, {"name": "ADV-2010-1616", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1616"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2518", "datePublished": "2010-06-30T18:00:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2017-08-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:p8_content_engine:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6CA98C3-D287-4D9C-B2EF-6FE4DF526DA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_engine:4.5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "97ABEE15-7B9F-4269-8F52-02E8C4B06521", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_engine:4.5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C9C3B026-E991-4EBB-812F-0DBB2A8526C9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:filenet_p8_business_process_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E13A33FB-D20C-4010-8CE8-249745210F61", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:filenet_p8_content_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "63637F57-35D7-4B16-8D18-AC958475CD49", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:filenet_p8_business_process_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E13A33FB-D20C-4010-8CE8-249745210F61", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:filenet_p8_content_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "63637F57-35D7-4B16-8D18-AC958475CD49", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE2CDBCE-8668-4E74-AC85-7F633805175C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "896B931C-A8D0-4664-99D9-10408CFCF3AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "243E0A51-D47F-4344-84F7-D2771617D0C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "701BD744-1958-47A1-9902-72E5918D6BFB", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "Vulnerabilidad no espec\u00edfica en el P8 Content Engine (P8CE) v4.5.1 anteriores a FP3 y al P8 Content Search Engine (P8CSE) anteriores a v4.5.0 FP3 y v4.5.1 anterior a FP1, como el usado en IBM FileNet P8 Content Manager (CM) y en FileNet P8 Business Process Manager (BPM), permitiendo a atacantes remotos obtener privilegios mediante vectores desconocidos. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."}], "id": "CVE-2010-2518", "lastModified": "2017-08-17T01:32:44.773", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-06-30T18:30:01.910", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40413"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/65804"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/41177"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1616"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59792"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}