CVE-2015-4536

Name of the Vulnerable Software and Affected Versions EMC Documentum Content Server versions prior to 7.0 P20 EMC Documentum Content Server versions 7.1 prior to P18 EMC Documentum Content Server versions 7.2 prior to P02

Description The issue allows remote authenticated users to obtain sensitive information by reading a log file when RPC tracing is configured. This is because certain obfuscated password data is stored in the log file.

Recommendations For versions prior to 7.0 P20, update to version 7.0 P20 or later to resolve the issue. For versions 7.1 prior to P18, update to version 7.1 P18 or later to resolve the issue. For versions 7.2 prior to P02, update to version 7.2 P02 or later to resolve the issue. As a temporary workaround, consider disabling RPC tracing to minimize the risk of exploitation.