Design Flaw in OpenText Documentum Content Server Leading to Unauthorized File Access
CVE-2017-15014

4.3MEDIUM

Key Information:

Vendor
Opentext
Status
Documentum Content Server
Vendor
CVE Published:
13 October 2017

Summary

OpenText Documentum Content Server, as of version 7.3, contains a design flaw that permits authenticated users to download arbitrary content files irrespective of their repository permissions. This vulnerability arises when a user uploads files and subsequently requests to create a dmr_content object that points to an existing content file on the server. As a result, any authenticated user can manipulate the DATA_TICKET provided by the Content Server during the upload process, leading to unauthorized file access. This flaw highlights the need for stricter permission checks in the content management workflow.

References

http://www.securityfocus.com/bid/101639
vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/43005/
exploitx_refsource_EXPLOIT-DB
http://seclists.org/bugtraq/2017/Oct/19
x_refsource_MISC

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.