PT-2017-16592 · Opentext+1 · Opentext Documentum Content Server+1

Published

2017-02-22

Updated

2017-03-02

CVE-2017-5585

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenText Documentum Content Server versions 7.3

Description The issue allows remote authenticated users to conduct DQL injection attacks and execute arbitrary DML or DDL commands via a crafted request, due to the improper restriction of DQL hints when the PostgreSQL Database is used and the return top results row based config option is false.

Recommendations For OpenText Documentum Content Server version 7.3, set the return top results row based config option to true to mitigate the risk of DQL injection attacks. Additionally, consider restricting access to the DQL functionality until a more comprehensive fix is available.

Exploit

Fix

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74

Related Identifiers

CVE-2017-5585

Affected Products

Opentext Documentum Content Server

Postgresql Database

PT-2017-16592 · Opentext+1 · Opentext Documentum Content Server+1

CVE-2017-5585

Weakness Enumeration

Related Identifiers

Affected Products

References · 4