Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root owned SUID binary dm_secure_writer. The binary has security controls in place preventing creation of a file in a non-owned directory, or as the root user. However, these controls can be carefully bypassed to allow for an arbitrary file write as root.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenText Documentum Content Server 安全漏洞
Vulnerability Description
OpenText Documentum Content Server是OpenText公司的一个数据存储平台,用于提供对任何类型内容的安全、企业范围的控制。 OpenText Documentum Content Server 23.2之前版本存在安全漏洞,该漏洞源于存在权限升级问题,攻击者利用该漏洞可能绕过安全控制,以root身份写入任意文件。
CVSS Information
N/A
Vulnerability Type
N/A