CVE-2010-4806
First published: Thu May 26 2011(Updated: )
The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote authenticated users to bypass intended access restrictions on draft creation by leveraging certain resource editor privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Workplace Web Content Management | =6.1.5 | |
| IBM Workplace Web Content Management | =7.0.01-cf002 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-4806?
CVE-2010-4806 is rated as a medium severity vulnerability due to the potential for unauthorized access to draft creation.
How do I fix CVE-2010-4806?
To fix CVE-2010-4806, upgrade to IBM Web Content Manager version 7.0.0.1 or 6.1.5 with the latest patches applied.
Who is affected by CVE-2010-4806?
CVE-2010-4806 affects users of IBM Web Content Manager versions 6.1.5 and 7.0.0.1 before CF003.
What type of attack is enabled by CVE-2010-4806?
CVE-2010-4806 enables unauthorized users to bypass access restrictions to create drafts.
Is CVE-2010-4806 exploitable remotely?
Yes, CVE-2010-4806 can be exploited remotely by authenticated users with specific resource editor privileges.
- agent/references
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm web content manager
- version/ibm web content manager/7.0.01-cf002
- version/ibm web content manager/6.1.5