CVE-2017-2766
Published Feb 3, 2017
Last updated 8 years ago
Overview
- Description
- EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-640
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DD159D8-DCB0-4A27-BEFC-BFC626B2C200"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.4:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C44A1651-72B7-446A-98CA-18BD0E4E72D0"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76F12875-669C-43C7-9D00-164089E27D84"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:p01:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ADC4B3E-A538-4A85-B084-AF4E47734C12"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:p02:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7E06195-1C7E-429E-8E39-CB2455741E2D"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:p03:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BED2FD3-0A0E-4C89-94BB-D02434499445"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DCE8AD3-12F1-4952-BAE7-98F0B667595F"
}
],
"operator": "OR"
}
]
}
]