CVE-2016-0886

EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call.
References
Link Resource
http://seclists.org/bugtraq/2016/Mar/44 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/84210 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1035197 Third Party Advisory VDB Entry
http://seclists.org/bugtraq/2016/Mar/44 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/84210 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1035197 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:emc:documentum_xcp:2.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_xcp:2.2:*:*:*:*:*:*:*

History

21 Nov 2024, 02:42

Type Values Removed Values Added
References () http://seclists.org/bugtraq/2016/Mar/44 - Third Party Advisory, VDB Entry () http://seclists.org/bugtraq/2016/Mar/44 - Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/84210 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/84210 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1035197 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1035197 - Third Party Advisory, VDB Entry

Information

Published : 2016-03-09 23:59

Updated : 2024-11-21 02:42


NVD link : CVE-2016-0886

Mitre link : CVE-2016-0886

CVE.ORG link : CVE-2016-0886


JSON object : View

Products Affected

emc

  • documentum_xcp
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor