Description
EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-03/0057.html
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
CWE
CWE-264
Status
published
Products (4)
emc/documentum_eroom
7.3.0
emc/documentum_eroom
7.4.1
emc/documentum_eroom
7.4.2
emc/documentum_eroom
< 7.4.3
Published
Mar 15, 2012
Tracked Since
Feb 18, 2026