Vulnerability Description
The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 allows remote authenticated users to obtain superuser privileges via an unspecified method call that modifies group permissions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Documentum D2 | 3.1 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2015-02/0031.htmlBroken Link
- http://www.securityfocus.com/bid/72502Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031693Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100875
- http://archives.neohapsis.com/archives/bugtraq/2015-02/0031.htmlBroken Link
- http://www.securityfocus.com/bid/72502Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031693Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100875
FAQ
What is CVE-2015-0518?
CVE-2015-0518 is a vulnerability with a CVSS score of 9.0 (HIGH). The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 allows remote authenticated users to obtain superuser priv...
How severe is CVE-2015-0518?
CVE-2015-0518 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0518?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Documentum D2.