Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EMC Documentum xCP 安全漏洞
Vulnerability Description
EMC Documentum xCP是美国易安信(EMC)公司的一套使用可自动执行信息密集型流程来帮助用户做出业务决策的开发平台。该平台提供实时可见性、内容分析及业务洞察力等功能。 EMC Documentum xCP patch 23之前2.1版本和patch 11之前2.2版本中存在安全漏洞。远程攻击者可通过向REST请求附加DQL查询利用该漏洞实施Documentum Query Language(DQL)注入攻击,获取敏感的资源库信息。
CVSS Information
N/A
Vulnerability Type
N/A