CVE-2015-4537 Information

Description

Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive.

Reference

http://seclists.org/bugtraq/2015/Aug/117 http://www.securitytracker.com/id/1033345