EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.
References
Link | Resource |
---|---|
http://seclists.org/bugtraq/2016/Feb/66 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1034993 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2016-02-12T01:00:00
Updated: 2017-01-09T16:57:01
Reserved: 2015-12-17T00:00:00
Link: CVE-2016-0881
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-02-12T01:59:00.113
Modified: 2017-01-11T04:11:07.147
Link: CVE-2016-0881
JSON object: View
Redhat Information
No data.
CWE