Vulnerability Details CVE-2015-0146
IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which allows local users to bypass intended document-access restrictions and obtain sensitive information via a crafted search query.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.3%
CVSS Severity
CVSS v2 Score 2.1
References
Products affected by CVE-2015-0146
-
cpe:2.3:a:ibm:content_collector:3.0.0.0
-
cpe:2.3:a:ibm:content_collector:3.0.0.1
-
cpe:2.3:a:ibm:content_collector:3.0.0.2
-
cpe:2.3:a:ibm:content_collector:3.0.0.3
-
cpe:2.3:a:ibm:content_collector:3.0.0.4
-
cpe:2.3:a:ibm:content_collector:3.0.0.5
-
cpe:2.3:a:ibm:content_collector:4.0.0.0
-
cpe:2.3:a:ibm:content_collector:4.0.0.1
-
cpe:2.3:a:ibm:content_collector:4.0.0.2