EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call.
References
Link | Resource |
---|---|
http://seclists.org/bugtraq/2016/Mar/44 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/84210 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1035197 | Third Party Advisory VDB Entry |
http://seclists.org/bugtraq/2016/Mar/44 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/84210 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1035197 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/bugtraq/2016/Mar/44 - Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/84210 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1035197 - Third Party Advisory, VDB Entry |
Information
Published : 2016-03-09 23:59
Updated : 2024-11-21 02:42
NVD link : CVE-2016-0886
Mitre link : CVE-2016-0886
CVE.ORG link : CVE-2016-0886
JSON object : View
Products Affected
emc
- documentum_xcp
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor