Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EMC Documentum Content Server 权限许可和访问控制漏洞
Vulnerability Description
EMC Documentum Content Server是美国易安信(EMC)公司的一套内容管理服务系统。该系统主要用于管理Documentum内容存储库,可对文档进行创建、修改和跟踪等操作。 EMC Documentum Content Server 6.7 SP2 P16及之前版本和7.1 P07之前7.x版本中存在安全漏洞,该漏洞源于程序使用Oracle数据库时,没有正确限制DQL提示。远程攻击者可通过发送特制的请求利用该漏洞实施DQL注入攻击,读取敏感的数据库内容。
CVSS Information
N/A
Vulnerability Type
N/A