CVE-2014-2511

Published Aug 20, 2014

Last updated 7 years ago

Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.
Source: security_alert@emc.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C8B2F44-0C11-4C5F-A9BF-370B2200C02C"
          },
          {
            "criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F9563AE-98CF-47FE-BD6F-DE6A16FCE9F3"
          },
          {
            "criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3E8924B-2D5F-4C58-A52E-98D7EC559484"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1008C754-6E61-438A-908E-A8B26E049707"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A289F06-4D31-4963-8D2F-D2E8F2146D5D"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E63A8B26-9B98-47CB-8CB6-896ACFC85FFC"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34D56991-BEA6-4160-9E5C-4B7034DB1FD5"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_administrator:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E97C5C13-EBDB-4906-8875-1D8D70C68206"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_capital_projects:1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBA794FE-5435-4657-B064-C4431D22A575"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_capital_projects:1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B0AED45-805C-4AE2-A12C-11F8710A7F06"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46F5211F-0307-4A35-A535-D6048FD25CBD"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AC64E73-EBBF-4851-BB86-394941CA4625"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3AA619F-A9DF-489C-A6BA-BF044B3C20BE"
          },
          {
            "criteria": "cpe:2.3:a:emc:engineering_plant_facilities_management_solution_for_documentum:1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2348B52A-CE72-46FC-BC2F-037109752D02"
          },
          {
            "criteria": "cpe:2.3:a:emc:engineering_plant_facilities_management_solution_for_documentum:1.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09A02ABE-068E-4916-874A-56E8C7714E51"
          },
          {
            "criteria": "cpe:2.3:a:emc:records_client:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DA0CB76-D7A1-45D7-9A7C-3A5B078DEFF4"
          },
          {
            "criteria": "cpe:2.3:a:emc:records_client:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B1686DE-27ED-429B-AB2C-EAFE3DABB2FD"
          },
          {
            "criteria": "cpe:2.3:a:emc:records_client:6.7:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "045CADF0-2588-42B0-B8A9-9BA0D4213681"
          },
          {
            "criteria": "cpe:2.3:a:emc:task_space:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96E9E86B-DFD4-429B-BF45-81D9DEA5638F"
          },
          {
            "criteria": "cpe:2.3:a:emc:task_space:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6953B52A-612A-4C25-B3BA-B633C011BE3B"
          },
          {
            "criteria": "cpe:2.3:a:emc:task_space:6.7:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73A6B036-80E3-4714-B9D4-CFA6E03A32B5"
          },
          {
            "criteria": "cpe:2.3:a:emc:web_publishers:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1CDFCCE-AE01-4AE7-84CC-D8E2519C0B30"
          },
          {
            "criteria": "cpe:2.3:a:emc:web_publishers:6.5:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7543EDA8-0F65-4099-AB80-D98685B11F8B"
          },
          {
            "criteria": "cpe:2.3:a:emc:web_publishers:6.5:sp7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "967D249D-CC16-4F33-B4C6-3F096C410D1B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References