// For flags

CVE-2015-0527

 

Severity Score

2.1
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) provisioning, which allows local users to obtain sensitive information by reading a file.

EMC Documentum xCelerated Management System (xMS) 1.1 anterior a P14 almacena los credenciales de Windows Service en texto plano en un fichero de lotes durante la provisiĆ³n de Documentum Platform y xCelerated Composition Platform (xCP), lo que permite a usuarios locales obtener informaciĆ³n sensible mediante la lectura de un fichero.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-12-17 CVE Reserved
  • 2015-03-23 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Emc
Search vendor "Emc"
 Documentum Xcelerated Management System
Search vendor "Emc" for product "Documentum Xcelerated Management System"
 1.1
Search vendor "Emc" for product "Documentum Xcelerated Management System" and version "1.1"
-
Affected