OpenText Documentum D2 version 4.x contains vulnerable BeanShell (bsh) and Apache Commons libraries and accepts serialized data from untrusted sources, which leads to remote code execution.
6fbad60d58b433df1796ee0732b8f646b591cb22d703a73a10ae6773eee2be66