CVE-2008-4581

medium

Description

The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process (aka Flow Process) view.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45943

http://www.securityfocus.com/bid/31748

http://www-1.ibm.com/support/docview.wss?uid=swg1HD71425

http://www-01.ibm.com/support/docview.wss?uid=swg27012567&aid=1

http://secunia.com/advisories/32105

Details

Source: Mitre, NVD

Published: 2008-10-15

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.002