CVE-2015-4537

2015-08-22T18:59:00
ID CVE-2015-4537
Type cve
Reporter cve@mitre.org
Modified 2016-12-24T02:59:00

Description

Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive.