CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
56.6%
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation.
Vendor | Product | Version | CPE |
---|---|---|---|
emc | documentum_taskspace | 6.7 | cpe:2.3:a:emc:documentum_taskspace:6.7:sp1:*:*:*:*:*:* |
emc | documentum_taskspace | 6.7 | cpe:2.3:a:emc:documentum_taskspace:6.7:sp2:*:*:*:*:*:* |