← Back to CVEs
CVE-2015-0548
N/ADescription
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.
CVE Details
CVSS v3.1 ScoreN/A
Published7/4/2015
Last Modified4/12/2025
Sourcenvd
Honeypot Sightings0
Affected Products
emc:documentum_d2
Weaknesses (CWE)
CWE-20
References
http://seclists.org/bugtraq/2015/Jul/10(security_alert@emc.com)
http://www.securitytracker.com/id/1032769(security_alert@emc.com)
http://seclists.org/bugtraq/2015/Jul/10(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1032769(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.