CVE-2014-2508
Published Jun 8, 2014
Last updated 6 years ago
Overview
- Description
- EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on database actions via vectors involving DQL hints.
- Source
- security_alert@emc.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 8.5
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:C/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:*:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B188672-1EC2-4338-A868-BD562962D356",
"versionEndIncluding": "6.7"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDBAEC8D-D945-48CA-84DD-EDBE8029F636"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "730510E9-1AE8-44BF-A1DE-5ED40F22D0B6"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC8840D2-5DE8-4EB6-A03F-BFF1C8A9BF1B"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AC51C95-97DC-44B4-9935-9423CE60289A"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0ACB8EDE-C6AF-4B85-83ED-74097A206B49"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25CD1EE0-4E72-4C42-857B-AA45F0A17BBB"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49659818-958F-4B5E-8DA4-B592C67DD13F"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4E00544-98F6-439C-8F4D-822FCAE775CA"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8335062A-5A8E-4076-B351-7DFA19CEC818"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B283F797-6DAA-40E1-9FAB-16FCAA5241B4"
}
],
"operator": "OR"
}
]
}
]