A security vulnerability with the IBM FileNet P8 Content Engine and Content Search Engine has been identified and addressed

Resolving The Problem

This vulnerability affects the following IBM FileNet P8 Content Manager (CM) and IBM FileNet P8 Business Process Manager (BPM) product components:

P8CE 4.5.1 at the GA base level, Fix Pack 1 level or Fix Pack 2 level
P8CSE 4.5.1 at the GA base level
P8CSE 4.5.0 at the GA base level or Fix Pack 2 level

P8CE 4.5.1 Fix Pack 3 (or higher) and P8CSE 4.5.1 Fix Pack 1 address the vulnerability and are mandatory updates for all IBM FileNet CM 4.5.1 and IBM FileNet BPM 4.5.1 environments.

P8CSE 4.5.0 Fix Pack 3 addresses the vulnerability and is a mandatory update for all IBM FileNet CM 4.5.0, IBM FileNet BPM 4.5.0, IBM FileNet CM 4.0.x and IBM FileNet BPM 4.0.x environments that have IBM FileNet P8 Content Search Engine 4.5.0 or higher installed and configured.

The Fix Packs are available on Fix Central starting June 28, 2010. Please follow the standard procedure to download the mandatory Fix Packs required for your environment.

Please note that P8CE 4.5.1 Fix Pack 1, Fix Pack 2, P8CSE 4.5.0 Fix Pack 1, and Fix Pack 2 are no longer available at Fix Central as they are no longer supported. Please be aware that P8CE 4.5.1 Fix Pack 4 is required if you are upgrading from P8CE 3.5.x. Please see this Flash Alert for more details:

http://www-01.ibm.com/support/docview.wss?uid=swg21441225

Fix Central can be found at: http://www-933.ibm.com/support/fixcentral/

For additional support questions, please contact the IBM Response Center at 1-800-IBM-SERV.