Lucene search
PRIOn knowledge basePRION:CVE-2017-15276HistoryOct 13, 2017 - 4:29 p.m.
Path traversal
2017-10-1316:29:00
PRIOn knowledge base
www.prio-n.com
6
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpacking TAR archives, Content Server fails to verify the contents of an archive, which causes a path traversal vulnerability via symlinks. Because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| documentum_content_server | le | 7.3 |
Related
cve
cve
CVE-2017-15276
2017-10-13 16:29:00
zdt
zdt
Opentext Documentum Content Server Privilege Escalation Exploit
2017-10-15 00:00:00
exploitpack
exploitpack
OpenText Documentum Content Server - Privilege Escalation
2017-10-17 00:00:00
cvelist
cvelist
CVE-2017-15276
2017-10-13 16:00:00
nvd
nvd
CVE-2017-15276
2017-10-13 16:29:00
packetstorm
packetstorm
Opentext Documentum Content Server Privilege Escalation
2017-10-14 00:00:00
exploitdb
exploitdb
OpenText Documentum Content Server - Privilege Escalation
2017-10-17 00:00:00