CVE-2014-2506

Published Jun 8, 2014

Last updated 6 years ago

Overview

Description: EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to obtain super-user privileges for system-object creation, and bypass intended restrictions on data access and server actions, via unspecified vectors.
Source: security_alert@emc.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 10
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:*:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B188672-1EC2-4338-A868-BD562962D356",
            "versionEndIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDBAEC8D-D945-48CA-84DD-EDBE8029F636"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "730510E9-1AE8-44BF-A1DE-5ED40F22D0B6"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC8840D2-5DE8-4EB6-A03F-BFF1C8A9BF1B"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AC51C95-97DC-44B4-9935-9423CE60289A"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ACB8EDE-C6AF-4B85-83ED-74097A206B49"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25CD1EE0-4E72-4C42-857B-AA45F0A17BBB"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49659818-958F-4B5E-8DA4-B592C67DD13F"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4E00544-98F6-439C-8F4D-822FCAE775CA"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8335062A-5A8E-4076-B351-7DFA19CEC818"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B283F797-6DAA-40E1-9FAB-16FCAA5241B4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References