CVE-2015-0518

Published: Feb 14, 2015Modified: May 6, 2026

9.0

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 8.0 / Impact: 10.0

Source: NVD

Description

The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 allows remote authenticated users to obtain superuser privileges via an unspecified method call that modifies group permissions.

Affected (5)

Products: Emc: Documentum D2

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Emc Documentum D2	Version 3.1
Emc Documentum D2	Version 3.1 sp1
Emc Documentum D2	Version 4.0
Emc Documentum D2	Version 4.1
Emc Documentum D2	Version 4.2

Related CWEs

References (8)

http://archives.neohapsis.com/archives/bugtraq/2015-02/0031.html

Source: security_alert@emc.com

Broken Link

http://www.securityfocus.com/bid/72502

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1031693

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/100875

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2015-02/0031.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.securityfocus.com/bid/72502

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1031693

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/100875

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.