EMC Documentum XCP Let Remote Users Inject DQL Queries Vulnerabilities
23 Jun. 2016
Summary
EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.
Vulnerable Systems:
*EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11
Immune Systems:
*EMC Documentum xCP 2.1 after patch 23 and 2.2 after patch 11
A remote user can inject DQL commands. A remote user can conduct XML external entity attacks to obtain files on the target system.The software does not properly validate user-supplied input. A remote user can supply a specially crafted xCP REST request to execute DQL commands on the underlying database and obtain potentially sensitive information