IBM Filenet Content Manager
By the Year
In 2024 there have been 0 vulnerabilities in IBM Filenet Content Manager . Last year Filenet Content Manager had 1 security vulnerability published. Right now, Filenet Content Manager is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 5.40 |
2022 | 1 | 8.80 |
2021 | 0 | 0.00 |
2020 | 2 | 6.60 |
2019 | 1 | 4.40 |
2018 | 4 | 6.25 |
It may take a day or so for new Filenet Content Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Filenet Content Manager Security Vulnerabilities
IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting
CVE-2023-35905
5.4 - Medium
- October 04, 2023
IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 259384.
XSS
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could
CVE-2021-38965
8.8 - High
- January 17, 2022
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 212346.
Shell injection
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection
CVE-2020-4759
7.8 - High
- November 09, 2020
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736.
CSV Injection
IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting
CVE-2020-4447
5.4 - Medium
- July 23, 2020
IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181227.
XSS
IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations, could log the web service user credentials into a log file
CVE-2019-4572
4.4 - Medium
- October 14, 2019
IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations, could log the web service user credentials into a log file that could be accessed by an administrator on the local machine. IBM X-Force ID: 166798.
Insertion of Sensitive Information into Log File
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data
CVE-2018-1844
7.1 - High
- October 12, 2018
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150904.
XXE
IBM FileNet Content Manager
CVE-2018-1542
7.1 - High
- July 06, 2018
IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597.
XXE
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting
CVE-2018-1555
5.4 - Medium
- July 06, 2018
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142892.
XSS
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting
CVE-2018-1556
5.4 - Medium
- July 06, 2018
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Filenet Content Manager or by IBM? Click the Watch button to subscribe.