VYPR
Unrated severityNVD Advisory· Published Feb 14, 2015· Updated Jun 17, 2026

CVE-2015-0517

CVE-2015-0517

Description

The D2-API component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 places the MD5 hash of an encryption passphrase in log files, which allows remote authenticated users to obtain sensitive information by reading a file.

Affected products

6
  • cpe:2.3:a:emc:documentum_d2:3.1:-:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:emc:documentum_d2:3.1:-:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_d2:3.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_d2:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_d2:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_d2:4.2:*:*:*:*:*:*:*
    • (no CPE)range: 3.1 through SP1, 4.0, 4.1 before 4.1 P22, 4.2 before P11

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.