Vulnerabilities > IBM > Filenet Content Manager > 4.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-07-28 | CVE-2010-2896 | Permissions, Privileges, and Access Controls vulnerability in IBM Filenet Content Manager IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors. | 4.3 |
| 2009-06-08 | CVE-2009-1953 | Permissions, Privileges, and Access Controls vulnerability in IBM Filenet Content Manager 4.0/4.0.1/4.5 IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSphere Application Server (WAS) and Oracle BEA WebLogic Application Server, when the CE Web Services listener has a certain WSEAF configuration, does not properly restrict use of a cached Subject, which allows remote attackers to obtain access with the credentials of a recently authenticated user via unspecified vectors. | 4.6 |