CVE-2015-4534

Name of the Vulnerable Software and Affected Versions EMC Documentum Content Server versions prior to 6.7SP1 P32 EMC Documentum Content Server versions 6.7SP2 prior to P25 EMC Documentum Content Server versions 7.0 prior to P19 EMC Documentum Content Server versions 7.1 prior to P16 EMC Documentum Content Server versions 7.2 prior to P02

Description The issue allows remote authenticated users to execute arbitrary code by forging a signature for a query string that lacks the method verb parameter.

Recommendations For versions prior to 6.7SP1 P32, update to 6.7SP1 P32 or later. For versions 6.7SP2 prior to P25, update to 6.7SP2 P25 or later. For versions 7.0 prior to P19, update to 7.0 P19 or later. For versions 7.1 prior to P16, update to 7.1 P16 or later. For versions 7.2 prior to P02, update to 7.2 P02 or later.