CVE-2015-0527

Published: Mar 24, 2015Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) provisioning, which allows local users to obtain sensitive information by reading a file.

Affected (1)

Products: Emc: Documentum Xcelerated Management System

1 product

Documentum Xcelerated Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Emc Documentum Xcelerated Management System	Version 1.1

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://packetstormsecurity.com/files/130959/EMC-Documentum-xMS-Sensitive-Information-Disclosure.html

Source: security_alert@emc.com

http://seclists.org/bugtraq/2015/Mar/134

Source: security_alert@emc.com

http://packetstormsecurity.com/files/130959/EMC-Documentum-xMS-Sensitive-Information-Disclosure.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/bugtraq/2015/Mar/134

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.