Vulnerabilities > EMC > Documentum Eroom > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-03 | CVE-2017-2766 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in EMC Documentum Eroom 7.4.4/7.4.5/7.5.0 EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 7.5 |
2012-03-15 | CVE-2012-0398 | Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Eroom EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors. | 7.5 |
2011-11-09 | CVE-2011-2739 | Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Eroom The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file. | 8.5 |