CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:C/I:C/A:P
AI Score
Confidence
High
EPSS
Percentile
82.9%
EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom script.
Vendor | Product | Version | CPE |
---|---|---|---|
emc | documentum_content_server | * | cpe:2.3:a:emc:documentum_content_server:*:sp1:*:*:*:*:*:* |
emc | documentum_content_server | 6.7 | cpe:2.3:a:emc:documentum_content_server:6.7:-:*:*:*:*:*:* |
emc | documentum_content_server | 6.7 | cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:* |
emc | documentum_content_server | 7.0 | cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:* |
emc | documentum_content_server | 7.1 | cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:* |