Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0396

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2012-0396
Last Modified 08 Feb 2012 11:10:13
Published 06 Feb 2012 03:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-0396

Summary

EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BROWSE permission, which allows remote authenticated users to determine the existence of an object, or read object metadata, via a search.

Vulnerable Systems

Application

  • Emc Documentum Xplore 1.0

  • Emc Documentum Xplore 1.1

  • Emc Documentum Xplore 1.2


References

BID - 51863

SECTRACK - 1026639

SECUNIA - 47920

BUGTRAQ - 20120203 ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability

XF - emc-documentum-info-disc(72994)


Last Updated: 27 May 2016 10:58:09