CVE-2012-0398

Published: Mar 15, 2012Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors.

Affected (4)

Products: Emc: Documentum Eroom

Emc

1 product

Documentum Eroom

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Emc Documentum Eroom	Up to 7.4.3
Emc Documentum Eroom	Version 7.3.0
Emc Documentum Eroom	Version 7.4.1
Emc Documentum Eroom	Version 7.4.2

Related CWEs

CWE-264

References (2)

http://archives.neohapsis.com/archives/bugtraq/2012-03/0057.html

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2012-03/0057.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.