IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736.
References
Link | Resource |
---|---|
https://www.ibm.com/support/pages/node/6336917 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/188736 | VDB Entry Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-11-09 13:15
Updated : 2020-11-12 08:15
NVD link : CVE-2020-4759
Mitre link : CVE-2020-4759
JSON object : View
CWE
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
Products Affected
ibm
- filenet_content_manager