CVE-2010-2518 - OpenCVE

Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Filenet P8 Business Process Manager Filenet P8 Content Manager P8 Content Engine P8 Content Search Engine

Configuration 1 [-]

AND

OR	cpe:2.3:a:ibm:p8_content_engine:4.5.1:::::::*
	cpe:2.3:a:ibm:p8_content_engine:4.5.1.1:::::::*
	cpe:2.3:a:ibm:p8_content_engine:4.5.1.2:::::::*

OR	cpe:2.3:a:ibm:filenet_p8_business_process_manager::::::::
	cpe:2.3:a:ibm:filenet_p8_content_manager::::::::

Configuration 2 [-]

AND

OR	cpe:2.3:a:ibm:filenet_p8_business_process_manager::::::::
	cpe:2.3:a:ibm:filenet_p8_content_manager::::::::

OR	cpe:2.3:a:ibm:p8_content_search_engine:4.5.0:::::::*
	cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.1:::::::*
	cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.2:::::::*
	cpe:2.3:a:ibm:p8_content_search_engine:4.5.1:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/40413
http://www-01.ibm.com/support/docview.wss?uid=swg21438487
http://www.osvdb.org/65804
http://www.securityfocus.com/bid/41177
http://www.vupen.com/english/advisories/2010/1616
https://exchange.xforce.ibmcloud.com/vulnerabilities/59792

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-06-30T18:00:00

Updated: 2024-08-07T02:39:37.070Z

Reserved: 2010-06-30T00:00:00

Link: CVE-2010-2518

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-06-30T18:30:01.910

Modified: 2017-08-17T01:32:44.773

Link: CVE-2010-2518

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-06-27T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "65804", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/65804"}, {"name": "40413", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40413"}, {"name": "filenet-cse-security-bypass(59792)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59792"}, {"name": "41177", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/41177"}, {"name": "ADV-2010-1616", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1616"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2518", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "65804", "refsource": "OSVDB", "url": "http://www.osvdb.org/65804"}, {"name": "40413", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40413"}, {"name": "filenet-cse-security-bypass(59792)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59792"}, {"name": "41177", "refsource": "BID", "url": "http://www.securityfocus.com/bid/41177"}, {"name": "ADV-2010-1616", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1616"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:39:37.070Z"}, "title": "CVE Program Container", "references": [{"name": "65804", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/65804"}, {"name": "40413", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40413"}, {"name": "filenet-cse-security-bypass(59792)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59792"}, {"name": "41177", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/41177"}, {"name": "ADV-2010-1616", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1616"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2518", "datePublished": "2010-06-30T18:00:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:37.070Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:p8_content_engine:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6CA98C3-D287-4D9C-B2EF-6FE4DF526DA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_engine:4.5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "97ABEE15-7B9F-4269-8F52-02E8C4B06521", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_engine:4.5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C9C3B026-E991-4EBB-812F-0DBB2A8526C9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:filenet_p8_business_process_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E13A33FB-D20C-4010-8CE8-249745210F61", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:filenet_p8_content_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "63637F57-35D7-4B16-8D18-AC958475CD49", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:filenet_p8_business_process_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E13A33FB-D20C-4010-8CE8-249745210F61", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:filenet_p8_content_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "63637F57-35D7-4B16-8D18-AC958475CD49", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE2CDBCE-8668-4E74-AC85-7F633805175C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "896B931C-A8D0-4664-99D9-10408CFCF3AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "243E0A51-D47F-4344-84F7-D2771617D0C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:p8_content_search_engine:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "701BD744-1958-47A1-9902-72E5918D6BFB", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "Vulnerabilidad no espec\u00edfica en el P8 Content Engine (P8CE) v4.5.1 anteriores a FP3 y al P8 Content Search Engine (P8CSE) anteriores a v4.5.0 FP3 y v4.5.1 anterior a FP1, como el usado en IBM FileNet P8 Content Manager (CM) y en FileNet P8 Business Process Manager (BPM), permitiendo a atacantes remotos obtener privilegios mediante vectores desconocidos. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."}], "id": "CVE-2010-2518", "lastModified": "2017-08-17T01:32:44.773", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-06-30T18:30:01.910", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40413"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21438487"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/65804"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/41177"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1616"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59792"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}