Описание
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive.
Уязвимые конфигурации
Конфигурация 1Версия до 4.4 (включая)
cpe:2.3:a:emc:documentum_d2:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00176
Низкий
3.5 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive.
EPSS
Процентиль: 39%
0.00176
Низкий
3.5 Low
CVSS2
Дефекты
CWE-200