PT-2012-2540 · Emc · Emc Documentum Xplore

Published

2012-02-06

Updated

2017-08-29

CVE-2012-0396

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions EMC Documentum xPlore versions 1.0 through 1.2 before P07

Description The issue allows remote authenticated users to determine the existence of an object or read object metadata via a search, due to improper enforcement of the BROWSE permission requirement.

Recommendations For versions 1.0 through 1.2 before P07, apply patch P07 to properly enforce the BROWSE permission requirement and prevent unauthorized access to object metadata.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-0396

Affected Products

Emc Documentum Xplore

PT-2012-2540 · Emc · Emc Documentum Xplore

CVE-2012-0396

Weakness Enumeration

Related Identifiers

Affected Products

References · 6