CVE-2016-0882

EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to read arbitrary files via a POST request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
Link Resource
http://seclists.org/bugtraq/2016/Feb/66 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034993 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:emc:documentum_xcp:2.2:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_xcp:2.1:*:*:*:*:*:*:*

Information

Published : 2016-02-11 17:59

Updated : 2017-01-10 20:11


NVD link : CVE-2016-0882

Mitre link : CVE-2016-0882


JSON object : View

Advertisement

dedicated server usa

Products Affected

emc

  • documentum_xcp