EMC Documentum Content Server Information Disclosure (ESA-2015-131)
Medium Nessus Plugin ID 85545
SynopsisThe remote host is affected by an information disclosure vulnerability.
DescriptionThe version of EMC Documentum Content Server running on the remote host is affected an information disclosure vulnerability due to passwords being stored as plaintext in log files for users with inline authentication. An authenticated, remote attacker with access to the log files can exploit this to login using the password of a different user. Note that this issue is present only when RPC tracing is enabled.
SolutionApply the relevant patch referenced in the vendor advisory.