Lucene search
DellCVE-2015-0547HistoryJul 04, 2015 - 10:59 a.m.
CVE-2015-0547
2015-07-0410:59:00
CWE-20
dell
web.nvd.nist.gov
24
emc documentum
d2
dql injection
remote authentication
cve-2015-0547
security vulnerability
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
31.7%
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.
Affected configurations
Node
emcdocumentum_d2Match4.1
ORemcdocumentum_d2Match4.2
ORemcdocumentum_d2Match4.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| emc | documentum_d2 | 4.1 | cpe:2.3:a:emc:documentum_d2:4.1:*:*:*:*:*:*:* |
| emc | documentum_d2 | 4.2 | cpe:2.3:a:emc:documentum_d2:4.2:*:*:*:*:*:*:* |
| emc | documentum_d2 | 4.5 | cpe:2.3:a:emc:documentum_d2:4.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0547
2015-07-04 10:00:00
prion
prion
Design/Logic Flaw
2015-07-04 10:59:00
nvd
nvd
CVE-2015-0547
2015-07-04 10:59:00
nessus
nessus
securityvulns
securityvulns
ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities
2015-07-05 00:00:00
EMC Documentum multiple security vulnerabilities
2015-09-14 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
31.7%
Related for CVE-2015-0547