CVE-2015-0517
Published Feb 14, 2015
Last updated 7 years ago
Overview
- Description
- The D2-API component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 places the MD5 hash of an encryption passphrase in log files, which allows remote authenticated users to obtain sensitive information by reading a file.
- Source
- security_alert@emc.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_d2:3.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FE3ABC6-7F44-436A-B78A-C7FC6310C1FA"
},
{
"criteria": "cpe:2.3:a:emc:documentum_d2:3.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEECDCAB-54A9-4A99-B77E-6DAD0513AA3E"
},
{
"criteria": "cpe:2.3:a:emc:documentum_d2:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A265F6B-0975-4CA2-832D-AF0FA38B0077"
},
{
"criteria": "cpe:2.3:a:emc:documentum_d2:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F39C8470-59DA-4759-A8B4-2DEE6DCAAE1A"
},
{
"criteria": "cpe:2.3:a:emc:documentum_d2:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC69558D-8121-4CA9-BABB-9ACF77808706"
}
],
"operator": "OR"
}
]
}
]