Documentum D2@4.5 Security Vulnerabilities and Issues — Documentum D2@4.5 CVE List

Lucene search

EmcDocumentum D24.5

4 matches found

CVE•added 2015/07/04 10:59 a.m.•41 views

CVE-2015-0548

The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

4CVSS6.6AI score0.00156EPSS

CVE•added 2015/07/04 10:59 a.m.•35 views

CVE-2015-0547

The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

4CVSS6.6AI score0.00156EPSS

CVE•added 2017/02/03 7:59 a.m.•34 views

CVE-2016-9873

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenticated low-privileged attacker could potentially exploit this vulnerability to access information, mo...

6.5CVSS6.5AI score0.00628EPSS

CVE•added 2017/02/03 7:59 a.m.•31 views

CVE-2016-9872

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected system.

6.1CVSS6.1AI score0.0028EPSS