Remote Code Execution Vulnerability in OpenText Documentum D2 4.x
CVE-2017-5586
9.8CRITICAL
Summary
OpenText Documentum D2 4.x systems are vulnerable to remote code execution due to improperly handled serialized Java objects. Attackers can exploit this weakness to execute arbitrary commands, compromising system integrity and sensitive data. This issue involves the BeanShell (bsh) and Apache Commons Collections (ACC) libraries, making it critical for organizations to patch their systems promptly to safeguard against potential exploitation.
References
EPSS Score
37% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved