This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote host is affected by multiple DQL injection vulnerabilities.
The EMC Documentum D2 running on the remote host is affected by DQL
injection vulnerabilities in the D2CenterstageService.getComments and
D2DownloadService.getDownloadUrls services due to a failure to
sanitize user-supplied input. A remote, authenticated attacker can
exploit these to bypass read-access restrictions, allowing the
disclosure of sensitive data in the database.
See also :
Upgrade to EMC D2 Documentum 4.2 P16 / 4.5 P03 or later.
Risk factor :
Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : false