Computer Security
[EN] securityvulns.ru no-pyccku


EMC Documentum xPlore information leakage
Published:08.02.2012
Source:
SecurityVulns ID:12174
Type:remote
Threat Level:
5/10
Description:Under specific circumstances, an authenticated user who does not have BROWSE permission on the object may be able to see the existence of or certain metadata on that object in a search result
Affected:EMC : Documentum xPlore 1.0
 EMC : Documentum xPlore 1.1
 EMC : Documentum xPlore 1.2
CVE:CVE-2012-0396 (EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BROWSE permission, which allows remote authenticated users to determine the existence of an object, or read object metadata, via a search.)
Original documentdocumentEMC, ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability (08.02.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod