PT-2016-4445 · Emc · Emc Documentum D2

Published

2016-04-07

Updated

2017-01-11

CVE-2016-0888

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC Documentum D2 versions prior to 4.6

Description The issue allows remote authenticated users to modify objects due to a lack of intended Access Control Lists (ACLs) for configuration objects. ACLs are used to define access rights for users, and their absence can lead to unauthorized modifications.

Recommendations For versions prior to 4.6, update to version 4.6 or later to include the intended ACLs for configuration objects and prevent unauthorized modifications.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2016-0888

Affected Products

Emc Documentum D2

PT-2016-4445 · Emc · Emc Documentum D2

CVE-2016-0888

Related Identifiers

Affected Products

References · 4