CVE-2014-2521

Published Aug 20, 2014

Last updated 7 years ago

Overview

Description: EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command.
Source: security_alert@emc.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.3
Impact score: 6.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:C/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D76BC7EC-B77D-4C40-AC45-347EC6618C94",
            "versionEndIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDBAEC8D-D945-48CA-84DD-EDBE8029F636"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "730510E9-1AE8-44BF-A1DE-5ED40F22D0B6"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC8840D2-5DE8-4EB6-A03F-BFF1C8A9BF1B"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AC51C95-97DC-44B4-9935-9423CE60289A"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ACB8EDE-C6AF-4B85-83ED-74097A206B49"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25CD1EE0-4E72-4C42-857B-AA45F0A17BBB"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49659818-958F-4B5E-8DA4-B592C67DD13F"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "414C33C7-CD76-49A4-9BE5-354860F2F635"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8335062A-5A8E-4076-B351-7DFA19CEC818"
          },
          {
            "criteria": "cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B283F797-6DAA-40E1-9FAB-16FCAA5241B4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References