D2 DQL Injection Vulnerability in EMC Documentum

D2 DQL Injection Vulnerability in EMC Documentum

CVE-2016-9873 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenticated low-privileged attacker could potentially exploit this vulnerability to access information, modify data or disrupt services by causing execution of arbitrary DQL commands on the application.

Learn more about our User Device Pen Test.