Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0518

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2015-0518
Last Modified 20 Feb 2015 10:02:17
Published 14 Feb 2015 10:59:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2015-0518

Summary

The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 allows remote authenticated users to obtain superuser privileges via an unspecified method call that modifies group permissions.

Vulnerable Systems

Application

  • Emc Documentum D2 3.1

  • Emc Documentum D2 4.0

  • Emc Documentum D2 4.1

  • Emc Documentum D2 4.2


References

BUGTRAQ - 20150204 ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities

XF - emc-documentum-cve20150518-priv-esc(100875)

SECTRACK - 1031693

BID - 72502


Last Updated: 27 May 2016 11:07:54