CVE-2013-3281
Published Nov 6, 2013
Last updated 11 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7 SP2 P07, Documentum Web Publisher before 6.5 SP7, Documentum Digital Asset Manager before 6.5 SP6, Documentum Administrator before 6.7 SP2 P07, and Documentum Capital Projects before 1.8 P01 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter in a URL.
- Source
- security_alert@emc.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_taskspace:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3270E32-E010-4E39-8E9E-6B05AAC89492",
"versionEndIncluding": "6.7"
},
{
"criteria": "cpe:2.3:a:emc:documentum_taskspace:6.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1466E81F-81E5-4B66-A26D-F7E6B395BEE7"
},
{
"criteria": "cpe:2.3:a:emc:documentum_taskspace:6.7:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2E8773E-616D-467F-9361-B4F71E42EB26"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_capital_projects:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C3E66AD-4E04-43CF-BBF0-5EF937E0A6B2",
"versionEndIncluding": "1.8"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_wdk:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33A27CD7-EC02-4857-B3F5-209618BFD4DC",
"versionEndIncluding": "6.7"
},
{
"criteria": "cpe:2.3:a:emc:documentum_wdk:6.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18F0547A-FA35-4115-8AF6-1819EBA2A6DC"
},
{
"criteria": "cpe:2.3:a:emc:documentum_wdk:6.7:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3351A120-41F6-4C4C-94AD-4AF607D7837E"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:*:sp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD943366-FEAC-47EC-A7B4-055C016E6508",
"versionEndIncluding": "6.5"
},
{
"criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1502E229-F43E-49C6-939C-7AA8AC109261"
},
{
"criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19888BA7-79F3-4349-94C9-BADE36472A49"
},
{
"criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E963CDB8-7C8E-4011-BC8A-D3FB30EB4832"
},
{
"criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FAFF369-27B7-4AC3-B7EE-EEF3301A0F32"
},
{
"criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68E91401-70C8-4243-AAB6-1968566E5A92"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A92A160F-7619-4C39-AB66-658EBC12EF36",
"versionEndIncluding": "6.7"
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1008C754-6E61-438A-908E-A8B26E049707"
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A289F06-4D31-4963-8D2F-D2E8F2146D5D"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8313C21-9CB0-45B6-BB70-ACF81966EBDE",
"versionEndIncluding": "6.7"
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46F5211F-0307-4A35-A535-D6048FD25CBD"
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AC64E73-EBBF-4851-BB86-394941CA4625"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_web_publisher:*:sp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD051A73-40A0-410E-9515-2E57DB56ABD1",
"versionEndIncluding": "6.5"
},
{
"criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37849165-C537-40E0-8311-EDC8F77301FD"
},
{
"criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DE1215F-FCFD-40E3-90D7-229F2295B521"
},
{
"criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B60F98D-62BB-4745-8BEB-04608C4E3F32"
},
{
"criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7927999-12E9-4BF9-B2A6-51BA0A5D5E30"
},
{
"criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2CCF762-2FBC-426C-A778-398550596A9F"
},
{
"criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69CFEE7E-BDD1-4CB6-B115-DFF3A881B160"
}
],
"operator": "OR"
}
]
}
]