Lucene search

[email protected]CVE-2014-2518

HistoryAug 20, 2014 - 11:17 a.m.

CVE-2014-2518

2014-08-2011:17:00

CWE-352

[email protected]

web.nvd.nist.gov

cve

2014

2518

emc

documentum

wdk

csrf

vulnerabilities

nvd

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.2%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.

CPENameOperatorVersion
emc:documentum_webtopemc documentum webtopeq6.7
emc:documentum_administratoremc documentum administratoreq6.7
emc:web_publishersemc web publisherseq6.5
emc:documentum_capital_projectsemc documentum capital projectseq1.8
emc:documentum_records_manageremc documentum records managereq6.7
emc:documentum_wdkemc documentum wdkeq6.7
emc:digital_assets_manageremc digital assets managereq6.5
emc:engineering_plant_facilities_management_solution_for_documentumemc engineering plant facilities management solution for documentumeq1.7
emc:documentum_administratoremc documentum administratoreq7.1
emc:documentum_capital_projectsemc documentum capital projectseq1.9

CPE	Name	Operator	Version
emc:documentum_webtop	emc documentum webtop	eq	6.7
emc:documentum_administrator	emc documentum administrator	eq	6.7
emc:web_publishers	emc web publishers	eq	6.5
emc:documentum_capital_projects	emc documentum capital projects	eq	1.8
emc:documentum_records_manager	emc documentum records manager	eq	6.7
emc:documentum_wdk	emc documentum wdk	eq	6.7
emc:digital_assets_manager	emc digital assets manager	eq	6.5
emc:engineering_plant_facilities_management_solution_for_documentum	emc engineering plant facilities management solution for documentum	eq	1.7
emc:documentum_administrator	emc documentum administrator	eq	7.1
emc:documentum_capital_projects	emc documentum capital projects	eq	1.9

Rows per page:

1-10 of 121

References

secunia.com/advisories/60563

www.securityfocus.com/archive/1/533159/30/0/threaded

www.securityfocus.com/bid/69277

www.securitytracker.com/id/1030742

exchange.xforce.ibmcloud.com/vulnerabilities/95365

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.2%

JSON

Related for CVE-2014-2518

prion2 securityvulns3 cve1 cert1