IBM Atlas eDiscovery Process Management 6.0.1.5 and previous versions and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and previous versions and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and previous versions and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) do not properly validate sessions, which allows remote malicious users to bypass intended access restrictions, and visit PolicyAtlas/ResponseDraftServlet (aka the Compliance Questionnaire Save Draft servlet), via unspecified vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm atlas suite - |
||
ibm atlas ediscovery process management |
||
ibm atlas ediscovery process management 6.0.2 |
||
ibm disposal and governance management for it |
||
ibm global retention policy and schedule management |
||
ibm disposal and governance management for it 6.0.2 |
||
ibm global retention policy and schedule management 6.0.2 |
Vulmon