CVE-2015-4530

Name of the Vulnerable Software and Affected Versions EMC Documentum Administrator versions through 7.2 EMC Documentum Digital Asset Management versions through 6.5SP6 EMC Documentum TaskSpace versions through 6.7SP2 EMC Documentum Web Publisher versions through 6.5SP7 EMC Documentum WebTop versions before 6.8P01

Description The issue is related to a cross-site request forgery (CSRF) that can be exploited by a remote attacker to hijack the authentication of arbitrary users. This can allow the attacker to capture user authentication details.

Recommendations For EMC Documentum Administrator versions through 7.2, update to a version later than 7.2. For EMC Documentum Digital Asset Management versions through 6.5SP6, update to a version later than 6.5SP6. For EMC Documentum TaskSpace versions through 6.7SP2, update to a version later than 6.7SP2. For EMC Documentum Web Publisher versions through 6.5SP7, update to a version later than 6.5SP7. For EMC Documentum WebTop versions before 6.8P01, update to version 6.8P01 or later.