- Description
- EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system.
- Source
- security_alert@emc.com
- NVD status
- Modified
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-640
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DD159D8-DCB0-4A27-BEFC-BFC626B2C200"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.4:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C44A1651-72B7-446A-98CA-18BD0E4E72D0"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76F12875-669C-43C7-9D00-164089E27D84"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:p01:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ADC4B3E-A538-4A85-B084-AF4E47734C12"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:p02:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7E06195-1C7E-429E-8E39-CB2455741E2D"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.4.5:p03:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BED2FD3-0A0E-4C89-94BB-D02434499445"
},
{
"criteria": "cpe:2.3:a:emc:documentum_eroom:7.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DCE8AD3-12F1-4952-BAE7-98F0B667595F"
}
],
"operator": "OR"
}
]
}
]