Vulnerabilities > IBM > Content Collector > 4.0.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-03-18 | CVE-2015-0146 | Permissions, Privileges, and Access Controls vulnerability in IBM Content Collector IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which allows local users to bypass intended document-access restrictions and obtain sensitive information via a crafted search query. | 2.1 |
2014-08-12 | CVE-2014-4757 | Permissions, Privileges, and Access Controls vulnerability in IBM Content Collector 4.0.0.0/4.0.0.1/4.0.0.2 The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0-ICC-OE-IF004 allows local users to bypass the intended Reviewer privilege requirement and read e-mail messages from an arbitrary mailbox by invoking the Search function. | 2.1 |