Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
documentum content server vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2015-4544
EMC Documentum Content Server prior to 7.1P20 and 7.2.x prior to 7.2P04 does not properly verify authorization for dm_job object access, which allows remote authenticated users to obtain superuser privileges via crafted object operations. NOTE: this vulnerability exists because o...
Emc Documentum Content Server 7.2
Emc Documentum Content Server 7.1
9
CVSSv2
CVE-2017-7220
OpenText Documentum Content Server allows superuser access via sys_obj_save or save of a crafted object, followed by an unauthorized "UPDATE dm_dbo.dm_user_s SET user_privileges=16" command, aka an "RPC save-commands" attack. NOTE: this vulnerability exists be...
Opentext Documentum Content Server -
6.5
CVSSv2
CVE-2017-7221
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created ...
Opentext Documentum Content Server -
1 EDB exploit
NA
CVE-2023-31871
OpenText Documentum Content Server prior to 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root owned SUID binary dm_secure_writer. The binary has security controls in place preventing crea...
Opentext Documentum Content Server
6.5
CVSSv2
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
6.5
CVSSv2
CVE-2017-15012
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some f...
Opentext Documentum Content Server
1 EDB exploit
6.5
CVSSv2
CVE-2017-15013
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, w...
Opentext Documentum Content Server
1 EDB exploit
4
CVSSv2
CVE-2017-15014
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authentica...
Opentext Documentum Content Server
1 EDB exploit
6.5
CVSSv2
CVE-2017-5585
OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attack...
Opentext Documentum Content Server 7.3
8.5
CVSSv2
CVE-2015-0550
Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P01 allows remote malicious users to bypass intended Content Server access restrictions via unspecified vectors.
Emc Documentum Thumbnail Server 6.7
Emc Documentum Thumbnail Server 7.0
Emc Documentum Thumbnail Server 7.1
Emc Documentum Thumbnail Server 7.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »