XML External Entity Vulnerabilities in OpenText Documentum Administrator by OpenText

CVE-2017-14526

What is CVE-2017-14526?

Multiple XML external entity (XXE) vulnerabilities in OpenText Documentum Administrator enable remote authenticated users to exploit crafted DTDs and XML files. These vulnerabilities could lead to the unauthorized listing of arbitrary directories, reading sensitive files, and causing a denial of service. Particularly on Windows systems, attackers can compromise Documentum user credentials by manipulating XML requests. The issues arise from insufficient validation of XML input, posing a significant risk to organizational data security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References