- Description
- Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when __debug_trace__ is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing a login ticket.
- Source
- security_alert@emc.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 8.5
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:C
- nvd@nist.gov
- CWE-264
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "414C33C7-CD76-49A4-9BE5-354860F2F635"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4E00544-98F6-439C-8F4D-822FCAE775CA"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8335062A-5A8E-4076-B351-7DFA19CEC818"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B283F797-6DAA-40E1-9FAB-16FCAA5241B4"
},
{
"criteria": "cpe:2.3:a:emc:documentum_content_server:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87453E34-AC8E-4C79-8486-B4888C621B1C"
}
],
"operator": "OR"
}
]
}
]