The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 prior to 3.5.1-001 does not ensure that the AE Administrator role is present for Site Preferences modifications, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm filenet p8 application engine 3.5.1 |