Port 10002 – DOCUMENTUM (EMC Documentum)

Why It’s Open

Port 10002 is used by EMC Documentum, an enterprise content management platform that handles document storage, workflow, and collaboration. Documentum systems often contain sensitive business documents, contracts, and intellectual property, making them high-value targets for attackers.

Common Risks

• Document repository access
  Unauthorized access to sensitive business documents
• Intellectual property theft
  Valuable company documents and trade secrets
• Privilege escalation
  Documentum admin access can lead to system compromise
• Workflow manipulation
  Altering business processes and approvals
• Data exfiltration
  Bulk download of document repositories
• Version control attacks
  Tampering with document history and versions
• Service enumeration
  Discovery of document types and organizational structure

Want to save time on reporting?

Let PentestPad generate, track, and export your reports - automatically.

Book a Demo

Enumeration & Testing

Service Detection:

nmap -sV -p 10002

Documentum Connection Test:

nc  10002

DQL Query Interface:

dmbasic -c "select count(*) from dm_document"

What to Look For

Mitigation

• Keep software updated
  Apply latest security patches
• Strong authentication
  Use complex passwords and 2FA
• Access restrictions
  Limit service to trusted networks
• Monitor activity
  Log and review service usage
• Disable if unused
  Remove unnecessary services

TL;DR

• Port 10002 = EMC Documentum content management
• High-value target containing sensitive business documents
• Enterprise system requiring strong access controls
• Critical for document security and intellectual property protection

Known CVEs and Exploits

• CVE-2019-3989 – EMC Documentum D2 remote code execution vulnerability
• CVE-2020-5346 – Dell EMC Documentum Content Server information disclosure
• CVE-2017-4971 – EMC Documentum xPlore privilege escalation vulnerability
• CVE-2021-21563 – Dell EMC Documentum REST Services authentication bypass