CVE-2014-2521

2014-08-2011:17:13

CWE-200

[email protected]

web.nvd.nist.gov

emc

documentum

content server

authenticated users

sensitive object metadata

rpc command.

6.2 Medium

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:C/I:N/A:N

0.002 Low

EPSS

Percentile

56.3%

JSON

EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command.

Affected configurations

NVD

Node

emcdocumentum_content_serverRange≤6.7sp2

emcdocumentum_content_serverMatch6.0

emcdocumentum_content_serverMatch6.5

emcdocumentum_content_serverMatch6.5sp1

emcdocumentum_content_serverMatch6.5sp2

emcdocumentum_content_serverMatch6.5sp3

emcdocumentum_content_serverMatch6.6

emcdocumentum_content_serverMatch6.7-

emcdocumentum_content_serverMatch6.7sp1

emcdocumentum_content_serverMatch7.0

emcdocumentum_content_serverMatch7.1

CPENameOperatorVersion
emc:documentum_content_serveremc documentum content serverle6.7
emc:documentum_content_serveremc documentum content servereq6.0
emc:documentum_content_serveremc documentum content servereq6.5
emc:documentum_content_serveremc documentum content servereq6.6
emc:documentum_content_serveremc documentum content servereq7.0
emc:documentum_content_serveremc documentum content servereq7.1

CPE	Name	Operator	Version
emc:documentum_content_server	emc documentum content server	le	6.7
emc:documentum_content_server	emc documentum content server	eq	6.0
emc:documentum_content_server	emc documentum content server	eq	6.5
emc:documentum_content_server	emc documentum content server	eq	6.6
emc:documentum_content_server	emc documentum content server	eq	7.0
emc:documentum_content_server	emc documentum content server	eq	7.1