- Description
- The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote authenticated users to bypass intended access restrictions on draft creation by leveraging certain resource editor privileges.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:P/A:N
- nvd@nist.gov
- CWE-264
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:web_content_manager:6.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43503889-AAE4-4B57-9CA1-8F53644E11FF"
},
{
"criteria": "cpe:2.3:a:ibm:web_content_manager:7.0.01:cf002:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "596CA731-BAA5-4A4D-A54A-FA1070A33028"
}
],
"operator": "OR"
}
]
}
]