Hardcoded Passphrase Vulnerability in EMC Documentum D2
CVE-2015-4537 · LOW Severity
AV:N/AC:M/AU:S/C:P/I:N/A:N
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive.
Learn more about our Cis Benchmark Audit For Server Software.