ESA-2017-007: EMC Documentum eRoom Unverified Password Change Vulnerability

--_002_1BF8853173D9704A93EF882F85952A891D99A5MX304CL04corpemcc_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable



--_002_1BF8853173D9704A93EF882F85952A891D99A5MX304CL04corpemcc_
Content-Type: text/plain; name="ESA-2017-007.txt"
Content-Description: ESA-2017-007.txt
Content-Disposition: attachment; filename="ESA-2017-007.txt"; size=3458;
	creation-date="Tue, 24 Jan 2017 21:33:07 GMT";
	modification-date="Tue, 31 Jan 2017 15:14:49 GMT"
Content-Transfer-Encoding: base64

LS0tLS1CRUdJTiBQR1AgU0lHTkVEIE1FU1NBR0UtLS0tLQ0KSGFzaDogU0hBMjU2DQoNCkVTQS0y
MDE3LTAwNzogRU1DIERvY3VtZW50dW0gZVJvb20gVW52ZXJpZmllZCBQYXNzd29yZCBDaGFuZ2Ug
VnVsbmVyYWJpbGl0eQ0KDQpFTUMgSWRlbnRpZmllcjogRVNBLTIwMTctMDA3IA0KQ1ZFIElkZW50
aWZpZXI6IENWRS0yMDE3LTI3NjYNClNldmVyaXR5IFJhdGluZzogQ1ZTUyB2MyBCYXNlIFNjb3Jl
OiA1LjcgKEFWOlAvQUM6TC9QUjpOL1VJOk4vUzpVL0M6SC9JOkwvQTpMKQ0KDQpBZmZlY3RlZCBw
cm9kdWN0czogIA0KRU1DIERvY3VtZW50dW0gZVJvb20gdmVyc2lvbiA3LjQuNA0KRU1DIERvY3Vt
ZW50dW0gZVJvb20gdmVyc2lvbiA3LjQuNCBTUDENCkVNQyBEb2N1bWVudHVtIGVSb29tIHZlcnNp
b24gcHJpb3IgdG8gNy40LjUgUDA0DQpFTUMgRG9jdW1lbnR1bSBlUm9vbSB2ZXJzaW9uIHByaW9y
IHRvIDcuNS4wIFAwMQ0KDQpTdW1tYXJ5OiAgDQpFTUMgRG9jdW1lbnR1bSBlUm9vbSBpbmNsdWRl
cyBhbiB1bnZlcmlmaWVkIHBhc3N3b3JkIGNoYW5nZSB2dWxuZXJhYmlsaXR5IHRoYXQgY291bGQg
cG90ZW50aWFsbHkgYmUgZXhwbG9pdGVkIGJ5IG1hbGljaW91cyB1c2VycyB0byBjb21wcm9taXNl
IHRoZSBhZmZlY3RlZCBzeXN0ZW0uIA0KDQpEZXRhaWxzOiAgDQpXaGVuIHNldHRpbmcgYSBuZXcg
cGFzc3dvcmQgZm9yIGFuIGFkbWluIHVzZXIsIGVSb29tIGRvZXMgbm90IHJlcXVpcmUga25vd2xl
ZGdlIG9mIHRoZSBvcmlnaW5hbCBwYXNzd29yZCBvciBhbnkgYW5vdGhlciBmb3JtIG9mIGF1dGhl
bnRpY2F0aW9uLiBBbnkgbWFsaWNpb3VzIGF0dGFja2VyLCBoYXZpbmcgcGh5c2ljYWwgYWNjZXNz
IHRvIGFueSBhZG1pbpJzIGxvZ2dlZCBpbiBzZXNzaW9uIGluIGJyb3dzZXIgb3Igc3RlYWxpbmcg
dGhlIHNlc3Npb24gb2YgdGhlIGFkbWluIG92ZXIgYSBub24gSFRUUFMgdHJhZmZpYywgY2FuIHBv
dGVudGlhbGx5IGNoYW5nZSB0aGUgYWRtaW4gcGFzc3dvcmQuDQoNCg0KUmVzb2x1dGlvbjogIA0K
VGhlIGZvbGxvd2luZyBFTUMgRG9jdW1lbnR1bSBlUm9vbSByZWxlYXNlcyBjb250YWluIHJlc29s
dXRpb24gdG8gdGhpcyB2dWxuZXJhYmlsaXR5Og0KlQlFTUMgRG9jdW1lbnR1bSBlUm9vbSAgdmVy
c2lvbiA3LjQuNSBwYXRjaCAwNCBhbmQgbGF0ZXINCpUJRU1DIERvY3VtZW50dW0gZVJvb20gIHZl
cnNpb24gNy41IFAwMSBhbmQgbGF0ZXINCpUJRU1DIERvY3VtZW50dW0gZVJvb20gdmVyc2lvbiA3
LjQuNCBTUDEgSG90IGZpeA0KDQpFTUMgcmVjb21tZW5kcyB0aGF0IGFsbCBjdXN0b21lcnMgdXBn
cmFkZSB0byBvbmUgb2YgdGhlIHZlcnNpb25zIGxpc3RlZCBhYm92ZSBhdCB0aGUgZWFybGllc3Qg
b3Bwb3J0dW5pdHkNCg0KTGluayB0byByZW1lZGllczoNCg0KQ3VzdG9tZXJzIGNhbiBkb3dubG9h
ZCBzb2Z0d2FyZSBmcm9tIGh0dHBzOi8vc3VwcG9ydC5lbWMuY29tL2Rvd25sb2Fkcy81MzI0X0Rv
Y3VtZW50dW0tZVJvb20gDQoNCltUaGUgZm9sbG93aW5nIGlzIHN0YW5kYXJkIHRleHQgaW5jbHVk
ZWQgaW4gYWxsIHNlY3VyaXR5IGFkdmlzb3JpZXMuICBQbGVhc2UgZG8gbm90IGNoYW5nZSBvciBk
ZWxldGUuXQ0KDQpSZWFkIGFuZCB1c2UgdGhlIGluZm9ybWF0aW9uIGluIHRoaXMgRU1DIFNlY3Vy
aXR5IEFkdmlzb3J5IHRvIGFzc2lzdCBpbiBhdm9pZGluZyBhbnkgc2l0dWF0aW9uIHRoYXQgbWln
aHQgYXJpc2UgZnJvbSB0aGUgcHJvYmxlbXMgZGVzY3JpYmVkIGhlcmVpbi4gSWYgeW91IGhhdmUg
YW55IHF1ZXN0aW9ucyByZWdhcmRpbmcgdGhpcyBwcm9kdWN0IGFsZXJ0LCBjb250YWN0IEVNQyBT
b2Z0d2FyZSBUZWNobmljYWwgU3VwcG9ydCBhdCAxLTg3Ny01MzQtMjg2Ny4NCg0KRm9yIGFuIGV4
cGxhbmF0aW9uIG9mIFNldmVyaXR5IFJhdGluZ3MsIHJlZmVyIHRvIEVNQyBLbm93bGVkZ2ViYXNl
IHNvbHV0aW9uIGVtYzIxODgzMS4gRU1DIHJlY29tbWVuZHMgYWxsIGN1c3RvbWVycyB0YWtlIGlu
dG8gYWNjb3VudCBib3RoIHRoZSBiYXNlIHNjb3JlIGFuZCBhbnkgcmVsZXZhbnQgdGVtcG9yYWwg
YW5kIGVudmlyb25tZW50YWwgc2NvcmVzIHdoaWNoIG1heSBpbXBhY3QgdGhlIHBvdGVudGlhbCBz
ZXZlcml0eSBhc3NvY2lhdGVkIHdpdGggcGFydGljdWxhciBzZWN1cml0eSB2dWxuZXJhYmlsaXR5
Lg0KDQpFTUMgcmVjb21tZW5kcyB0aGF0IGFsbCB1c2VycyBkZXRlcm1pbmUgdGhlIGFwcGxpY2Fi
aWxpdHkgb2YgdGhpcyBpbmZvcm1hdGlvbiB0byB0aGVpciBpbmRpdmlkdWFsIHNpdHVhdGlvbnMg
YW5kIHRha2UgYXBwcm9wcmlhdGUgYWN0aW9uLiBUaGUgaW5mb3JtYXRpb24gc2V0IGZvcnRoIGhl
cmVpbiBpcyBwcm92aWRlZCAiYXMgaXMiIHdpdGhvdXQgd2FycmFudHkgb2YgYW55IGtpbmQuIEVN
QyBkaXNjbGFpbXMgYWxsIHdhcnJhbnRpZXMsIGVpdGhlciBleHByZXNzIG9yIGltcGxpZWQsIGlu
Y2x1ZGluZyB0aGUgd2FycmFudGllcyBvZiBtZXJjaGFudGFiaWxpdHksIGZpdG5lc3MgZm9yIGEg
cGFydGljdWxhciBwdXJwb3NlLCB0aXRsZSBhbmQgbm9uLWluZnJpbmdlbWVudC4gSW4gbm8gZXZl
bnQsIHNoYWxsIEVNQyBvciBpdHMgc3VwcGxpZXJzLCBiZSBsaWFibGUgZm9yIGFueSBkYW1hZ2Vz
IHdoYXRzb2V2ZXIgaW5jbHVkaW5nIGRpcmVjdCwgaW5kaXJlY3QsIGluY2lkZW50YWwsIGNvbnNl
cXVlbnRpYWwsIGxvc3Mgb2YgYnVzaW5lc3MgcHJvZml0cyBvciBzcGVjaWFsIGRhbWFnZXMsIGV2
ZW4gaWYgRU1DIG9yIGl0cyBzdXBwbGllcnMgaGF2ZSBiZWVuIGFkdmlzZWQgb2YgdGhlIHBvc3Np
YmlsaXR5IG9mIHN1Y2ggZGFtYWdlcy4gU29tZSBzdGF0ZXMgZG8gbm90IGFsbG93IHRoZSBleGNs
dXNpb24gb3IgbGltaXRhdGlvbiBvZiBsaWFiaWxpdHkgZm9yIGNvbnNlcXVlbnRpYWwgb3IgaW5j
aWRlbnRhbCBkYW1hZ2VzLCBzbyB0aGUgZm9yZWdvaW5nIGxpbWl0YXRpb24gbWF5IG5vdCBhcHBs
eS4NCg0KDQoNCi0tLS0tQkVHSU4gUEdQIFNJR05BVFVSRS0tLS0tDQpWZXJzaW9uOiBHbnVQRyB2
Mg0KDQppUUVjQkFFQkNBQUdCUUpZa0tuWEFBb0pFSGJjdStmc0U4MVp6WVFILzJLZVdXc0ErTy83
eWkrcitndlNibkdBDQo4UXpZK213djlHR2xNSEsrTk4wUTMxM3BKM1JxSnJaWWFZMy9KMHVHN0xz
a1dLQUZ5TnpKTU1lSFNFTnNvQk5lDQpUbTY2Sis0a1B6RGU5T2tBaDh3TEZVYWtBbnJ1eFkvR0tN
MkJyRjVhZXE0azNrTmpsU3A3Q29DY3VNUkV4V0RZDQpSQVZKcmNpQ1pSYzkrWXdmQ1R6QnVrZEhi
TXJHcHdHVXJmZEhqUXd2eWJIN2hycDhSSnlSVlFPU0dMNXZzR1NDDQowdldFUUx1QnFaYzRBZjZi
N2MwQWZ5aFUrY1Q4MW5HNmdHeW8wSGVzSHEvamlTQXgyUFRRampUYWNnc2VIeUdtDQpVNkZFRUNM
L001YVhuZjgwMGVMeUFqZmlEamtMc2drT2dKb0sxVUQwM2l3cGlpZ3JRUWtSWlQ1UmJhbjRZa2c9
DQo9R1RZVw0KLS0tLS1FTkQgUEdQIFNJR05BVFVSRS0tLS0tDQo=

--_002_1BF8853173D9704A93EF882F85952A891D99A5MX304CL04corpemcc_--