3 matches found
ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities EMC Identifier: ESA-2015-108 CVE Identifier: CVE-2015-0547, CVE-2015-0548 Severity Rating: CVSSv2 Base Score: See below for CVSSv2 score for individual CVEs Affected products: • EM...
CVE-2015-0547
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and bypass intended read-access restrictions via unspecified vectors...
CVE-2015-0547
EMC Documentum D2 is affected by CVE-2015-0547 due to DQL injection in the D2CenterstageService.getComments method. The vulnerability affects D2 versions 4.1 and 4.2 prior to 4.2 P16 and 4.5 prior to P03, enabling remote authenticated users to bypass read-access restrictions and potentially discl...