Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2017-5585
HistoryFeb 22, 2017 - 4:00 p.m.

CVE-2017-5585

2017-02-2216:00:00
mitre
www.cve.org

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.8%

JSON

OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and execute arbitrary DML or DDL commands via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2520.

Related

packetstorm 1
cve 2
prion 2
nvd 2
cvelist 1
nessus 1
securityvulns 2
cert 1
packetstorm
packetstorm
OpenText Documentum Content Server 7.3 SQL Injection
2017-02-16 00:00:00
cve
cve
CVE-2017-5585
2017-02-22 16:59:00
CVE-2014-2520
2014-08-20 11:17:13
prion
prion
Design/Logic Flaw
2017-02-22 16:59:00
Design/Logic Flaw
2014-08-20 11:17:00
nvd
nvd
CVE-2017-5585
2017-02-22 16:59:00
CVE-2014-2520
2014-08-20 11:17:13
cvelist
cvelist
CVE-2014-2520
2014-08-20 10:00:00
nessus
nessus
EMC Documentum Content Server Multiple Vulnerabilities (ESA-2014-079)
2014-09-11 00:00:00
securityvulns
securityvulns
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
2014-08-26 00:00:00
EMC Documentum multiple security vulnerabilities
2015-09-14 00:00:00
cert
cert
EMC Documentum products contain multiple vulnerabilities
2014-12-15 00:00:00

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.8%

JSON
Related for CVELIST:CVE-2017-5585
packetstorm1cve2prion2nvd2cvelist1nessus1securityvulns2cert1