CVE-2023-31871

Name of the Vulnerable Software and Affected Versions OpenText Documentum Content Server versions prior to 23.2

Description The issue allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root-owned SUID binary dm secure writer. This binary has security controls in place to prevent the creation of a file in a non-owned directory or as the root user. However, these controls can be bypassed to allow for an arbitrary file write as root.

Recommendations For versions prior to 23.2, update to version 23.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the dm secure writer binary to minimize the risk of exploitation.