IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which allows local users to bypass intended document-access restrictions and obtain sensitive information via a crafted search query.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21696594 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2015-03-18T10:00:00
Updated: 2024-08-06T04:03:09.883Z
Reserved: 2014-11-18T00:00:00
Link: CVE-2015-0146
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-03-18T10:59:06.197
Modified: 2015-03-18T14:51:03.147
Link: CVE-2015-0146
Redhat
No data.