PT-2015-4709 · Emc · Emc Documentum D2

Published

2015-07-04

Updated

2016-12-28

CVE-2015-0548

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions EMC Documentum D2 versions 4.1 through 4.2 before P16 EMC Documentum D2 version 4.5 before P03

Description The issue allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks, which can be used to bypass intended read-access restrictions.

Recommendations For EMC Documentum D2 versions 4.1 through 4.2 before P16, update to version 4.2 P16 or later. For EMC Documentum D2 version 4.5 before P03, update to version 4.5 P03 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2015-0548

Affected Products

Emc Documentum D2

PT-2015-4709 · Emc · Emc Documentum D2

CVE-2015-0548

Weakness Enumeration

Related Identifiers

Affected Products

References · 3