Unrated severityNVD Advisory· Published Aug 20, 2015· Updated May 6, 2026

CVE-2015-4535

Description

Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when __debug_trace__ is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing a login ticket.

Affected products

EMC Corporation/Documentum Content Server5 versions
cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:7.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000