Vulnerabilities > IBM > Filenet Content Manager

DATE CVE VULNERABILITY TITLE RISK
2023-10-04 CVE-2023-35905 Cross-site Scripting vulnerability in IBM Filenet Content Manager 5.5.10/5.5.11/5.5.8
IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-01-17 CVE-2021-38965 OS Command Injection vulnerability in IBM Filenet Content Manager 5.5.4/5.5.6/5.5.7
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
8.8
8.8
2020-11-09 CVE-2020-4759 Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Filenet Content Manager 5.5.4/5.5.5
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection.
local
low complexity
ibm CWE-1236
7.8
7.8
2020-07-23 CVE-2020-4447 Cross-site Scripting vulnerability in IBM Filenet Content Manager 5.5.3/5.5.4
IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-10-14 CVE-2019-4572 Information Exposure Through Log Files vulnerability in IBM Filenet Content Manager 5.5.2/5.5.3
IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations, could log the web service user credentials into a log file that could be accessed by an administrator on the local machine.
local
low complexity
ibm CWE-532
4.4
4.4
2018-10-12 CVE-2018-1844 XXE vulnerability in IBM Filenet Content Manager 5.2.1/5.5.0
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
7.1
2018-07-06 CVE-2018-1556 Cross-site Scripting vulnerability in IBM Content Foundation and Filenet Content Manager
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-07-06 CVE-2018-1555 Cross-site Scripting vulnerability in IBM Content Foundation and Filenet Content Manager
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-07-06 CVE-2018-1542 XXE vulnerability in IBM Content Foundation and Filenet Content Manager
IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
7.1