The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 prior to 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local users to obtain sensitive information by reading this file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm filenet p8 application engine 3.5.1 |