Documentum D2@4.2 Security Vulnerabilities and Issues — Documentum D2@4.2 CVE List

Lucene search

EmcDocumentum D24.2

4 matches found

CVE•added 2015/07/04 10:59 a.m.•41 views

CVE-2015-0548

The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

4CVSS6.6AI score0.00156EPSS

CVE•added 2015/02/14 3:59 p.m.•38 views

CVE-2015-0518

The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 allows remote authenticated users to obtain superuser privileges via an unspecified method call that modifies group permissions.

9CVSS6.3AI score0.01159EPSS

CVE•added 2015/02/14 3:59 p.m.•37 views

CVE-2015-0517

The D2-API component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 places the MD5 hash of an encryption passphrase in log files, which allows remote authenticated users to obtain sensitive information by reading a file.

4CVSS5.8AI score0.00216EPSS

CVE•added 2015/07/04 10:59 a.m.•35 views

CVE-2015-0547

The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

4CVSS6.6AI score0.00156EPSS