[email protected]CVE-2014-2511

HistoryAug 20, 2014 - 11:17 a.m.

CVE-2014-2511

2014-08-2011:17:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2014-2511

emc documentum

webtop

xss

vulnerabilities

remote attackers

web script

html

nvd

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

CPENameOperatorVersion
emc:documentum_webtopemc documentum webtopeq6.7
emc:records_clientemc records clienteq6.7
emc:documentum_administratoremc documentum administratoreq6.7
emc:web_publishersemc web publisherseq6.5
emc:documentum_capital_projectsemc documentum capital projectseq1.8
emc:task_spaceemc task spaceeq6.7
emc:digital_assets_manageremc digital assets managereq6.5
emc:engineering_plant_facilities_management_solution_for_documentumemc engineering plant facilities management solution for documentumeq1.7
emc:documentum_administratoremc documentum administratoreq7.1
emc:documentum_capital_projectsemc documentum capital projectseq1.9

CPE	Name	Operator	Version
emc:documentum_webtop	emc documentum webtop	eq	6.7
emc:records_client	emc records client	eq	6.7
emc:documentum_administrator	emc documentum administrator	eq	6.7
emc:web_publishers	emc web publishers	eq	6.5
emc:documentum_capital_projects	emc documentum capital projects	eq	1.8
emc:task_space	emc task space	eq	6.7
emc:digital_assets_manager	emc digital assets manager	eq	6.5
emc:engineering_plant_facilities_management_solution_for_documentum	emc engineering plant facilities management solution for documentum	eq	1.7
emc:documentum_administrator	emc documentum administrator	eq	7.1
emc:documentum_capital_projects	emc documentum capital projects	eq	1.9

Rows per page:

1-10 of 111

References

secunia.com/advisories/60561

www.securityfocus.com/archive/1/533160/30/0/threaded

www.securityfocus.com/bid/69272

www.securitytracker.com/id/1030741

exchange.xforce.ibmcloud.com/vulnerabilities/95366

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.1%

JSON

Related for CVE-2014-2511

securityvulns2 prion1