CVE-2013-3281

Published Nov 6, 2013

Last updated 11 years ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7 SP2 P07, Documentum Web Publisher before 6.5 SP7, Documentum Digital Asset Manager before 6.5 SP6, Documentum Administrator before 6.7 SP2 P07, and Documentum Capital Projects before 1.8 P01 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter in a URL.
Source: security_alert@emc.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_taskspace:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3270E32-E010-4E39-8E9E-6B05AAC89492",
            "versionEndIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_taskspace:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1466E81F-81E5-4B66-A26D-F7E6B395BEE7"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_taskspace:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2E8773E-616D-467F-9361-B4F71E42EB26"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_capital_projects:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C3E66AD-4E04-43CF-BBF0-5EF937E0A6B2",
            "versionEndIncluding": "1.8"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_wdk:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33A27CD7-EC02-4857-B3F5-209618BFD4DC",
            "versionEndIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_wdk:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18F0547A-FA35-4115-8AF6-1819EBA2A6DC"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_wdk:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3351A120-41F6-4C4C-94AD-4AF607D7837E"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:*:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD943366-FEAC-47EC-A7B4-055C016E6508",
            "versionEndIncluding": "6.5"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1502E229-F43E-49C6-939C-7AA8AC109261"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19888BA7-79F3-4349-94C9-BADE36472A49"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E963CDB8-7C8E-4011-BC8A-D3FB30EB4832"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FAFF369-27B7-4AC3-B7EE-EEF3301A0F32"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68E91401-70C8-4243-AAB6-1968566E5A92"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A92A160F-7619-4C39-AB66-658EBC12EF36",
            "versionEndIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1008C754-6E61-438A-908E-A8B26E049707"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A289F06-4D31-4963-8D2F-D2E8F2146D5D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_webtop:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8313C21-9CB0-45B6-BB70-ACF81966EBDE",
            "versionEndIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46F5211F-0307-4A35-A535-D6048FD25CBD"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AC64E73-EBBF-4851-BB86-394941CA4625"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_web_publisher:*:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD051A73-40A0-410E-9515-2E57DB56ABD1",
            "versionEndIncluding": "6.5"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37849165-C537-40E0-8311-EDC8F77301FD"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DE1215F-FCFD-40E3-90D7-229F2295B521"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B60F98D-62BB-4745-8BEB-04608C4E3F32"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7927999-12E9-4BF9-B2A6-51BA0A5D5E30"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2CCF762-2FBC-426C-A778-398550596A9F"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_web_publisher:6.5:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69CFEE7E-BDD1-4CB6-B115-DFF3A881B160"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References