Improper Permission Enforcement in EMC Documentum xPlore Allows Unauthorized Object Discovery and Metadata Reading
CVE-2012-0396 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BROWSE permission, which allows remote authenticated users to determine the existence of an object, or read object metadata, via a search.
Learn more about our User Device Pen Test.