Hardcoded Passphrase Vulnerability in EMC Documentum D2

Hardcoded Passphrase Vulnerability in EMC Documentum D2

CVE-2015-4537 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive.

Learn more about our Cis Benchmark Audit For Server Software.