Unrated severityNVD Advisory· Published Sep 20, 2010· Updated Jun 16, 2026
CVE-2009-5001
CVE-2009-5001
Description
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
Affected products
3cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:001:*:*:*:*:*:*
- (no CPE)range: <4.0.2.2-P8AE-FP002
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.