CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-9873

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenticated low-privileged attacker could potentially exploit this vulnerability to access information, modify data or disrupt services by causing execution of arbitrary DQL commands on the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.3%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 6.5

References

http://www.securityfocus.com/archive/1/540060/30/0/threaded
http://www.securityfocus.com/bid/95828
http://www.securitytracker.com/id/1037733
http://www.securityfocus.com/archive/1/540060/30/0/threaded
http://www.securityfocus.com/bid/95828
http://www.securitytracker.com/id/1037733

Products affected by CVE-2016-9873

Emc » Documentum D2 » Version: 4.5

cpe:2.3:a:emc:documentum_d2:4.5
Emc » Documentum D2 » Version: 4.6

cpe:2.3:a:emc:documentum_d2:4.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9873

Products

Pricing

Contact Us