EMC published a Security Alert on EMC Documentum: affected all content server versions from the 5.3 to the 6.6

As reported yesterday, EMC published a security advisory related to a privilege elevation vulnerability that I discovered some months ago.

The security advisory ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability does not explain the vulnerability in great detail. It is reported that

“EMC Documentum Content Server contains a security vulnerability that may allow a system administrator to elevate their or other users? privileges to highest super user privileges without appropriate authorization. Refer to EMC Documentum Content Server documentation for information on Documentum Content Server user and group privileges.”

(…)

EMC strongly recommends all customers upgrade or install identified patches at the earliest opportunity

I know the exploit and I think you have to upgrade or install patches if:

  1. your system are using one of the servers reported below:
      • Content Server 5.3
      • Content Server 6.0
      • Content Server 6.0 SP1
      • Content Server 6.5
      • Content Server 6.5 SP1
      • Content Server6.5 SP2 P01
      • Content Server6.5 SP3 P01
      •  Content Server6.6 SP2 P01
  2. there are active users with just Sysadmin privilege defined into the repository.

In these conditions you have to upgrade soon as possible your systems to one of these servers:

  • Content Server 6.5 SP2 P02 or later
  • Content Server 6.5 SP3 P02 or later
  • Content Server 6.6 P02 or later
  • Content Server 6.7

EMC did not release any patches for this security issue: EMC strongly recommends content server upgrade. There are some customers that cannot upgrade their systems due to upgrade costs (hardware and / or software upgrade, regression tests, etc). In other cases upgrade could not be completed just because customer did not pay yearly maintenance fee.

If you cannot upgrade or if you do not want to upgrade your systems right now, I can help you: I created a patch that solve this security problem. Send me an email to yuri.simione@artika.biz for more info about that.

Security advisory is reported on many sites like  http://www.securityfocus.com/archive/1/521449 or on PowerLink.

Follow me on Linkedin  or on Twitter

 

This entry was posted in ECM, EMC, Frontpage, Security alert and tagged , , , . Bookmark the permalink.

Leave a Reply