← Retour aux CVEs
CVE-2015-0548
N/ADescription
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.
Details CVE
Score CVSS v3.1N/A
Publie7/4/2015
Derniere modification4/12/2025
Sourcenvd
Observations honeypot0
Produits affectes
emc:documentum_d2
Faiblesses (CWE)
CWE-20
References
http://seclists.org/bugtraq/2015/Jul/10(security_alert@emc.com)
http://www.securitytracker.com/id/1032769(security_alert@emc.com)
http://seclists.org/bugtraq/2015/Jul/10(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1032769(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.