Tag Archives: Content Server

ESA-2014-046 – Multiple Content Server vulnerabilities fixed

Another day, another fix: someone can think that Content Server has too much vulnerabilities but for sure during these days EMC is working very hard to make his systems more secure. I appreciate the way EMC is working on vulnerabilities and if … Continue reading

Posted in ECM, EMC, Frontpage, Security alert | Tagged , | Leave a comment

ESA-2014-026: vulnerability explained

On January 3, 2014 I discovered a vulnerability related to Documentum Content Server that I communicated to EMC during the same day. On April 11, 2014 EMC published the ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability. One month after that, in this … Continue reading

Posted in Blogroll, ECM, EMC, Frontpage, Next 2U Consulting, Security alert | Tagged , , , | Leave a comment

OpenSSL Heartbleed and Documentum – Update – ESA-2014-037

Today EMC reported on the ESA-2014-037 that the the impact of OpenSSL Heartbleed vulnerability (CVE-2014-0160) on Documentum Content Server is limited to: Fulltext query plugin used by the Content Server to communicate with the xPlore server; CAS plugin, used by the … Continue reading

Posted in ECM, EMC, Frontpage, Security alert | Tagged , , , | Leave a comment

ESA-2014-023: EMC Documentum JBOSS Remote Code Execution Vulnerability

Today EMC published two security bulletins. The first one, the ESA-2014-026, is a vulnerability I discovered. The second one is related to a standard Jboss vulnerability. Jboss is used for some Documentum component like Documentum Java Method Server and xPlore. Below … Continue reading

Posted in Blogroll, ECM, EMC, Frontpage, Security alert, Technologies, Uncategorized | Tagged , | Leave a comment

ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability

This January I discovered a security issue that affects some EMC Documentum Content Server engines. EMC resolved this issue and just today released the security bulletin Esa-2014-26. This is the second credit I received from EMC after the one published … Continue reading

Posted in Blogroll, ECM, EMC, Frontpage, Next 2U Consulting, Security alert, Technologies | Tagged , | Leave a comment

ESA-2012-009 – Security Alert on EMC Documentum: security patch ready

Today I verified that the security issue reported on this site and on many security related sites like SecurityFocus affects even Content Server 5.3 in addition to many 6.x systems. I know the exploit and I think you have to upgrade or install patches if: … Continue reading

Posted in ECM, EMC, Frontpage, Security alert | Tagged , , , , , , , | Leave a comment