CVE-2017-7221

Name of the Vulnerable Software and Affected Versions OpenText Documentum Content Server (affected versions not specified)

Description The issue is related to inadequate protection against SQL injection, allowing remote authenticated users to execute arbitrary code with super-user privileges. This can be achieved by leveraging the dm bp transition docbase method with a user-created dm procedure object. An example of exploitation involves using a backspace character in an injected string.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.