Lucene search

K
nvd[email protected]NVD:CVE-2015-4535
HistoryAug 20, 2015 - 10:59 a.m.

CVE-2015-4535

2015-08-2010:59:17
CWE-264
web.nvd.nist.gov
6
java method server
emc documentum
remote authenticated users
super-user privileges

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:P/I:P/A:C

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

68.7%

Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when debug_trace is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing a login ticket.

Affected configurations

Nvd
Node
emcdocumentum_content_serverMatch6.7sp1
OR
emcdocumentum_content_serverMatch6.7sp2
OR
emcdocumentum_content_serverMatch7.0
OR
emcdocumentum_content_serverMatch7.1
OR
emcdocumentum_content_serverMatch7.2
VendorProductVersionCPE
emcdocumentum_content_server6.7cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*
emcdocumentum_content_server6.7cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*
emcdocumentum_content_server7.0cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*
emcdocumentum_content_server7.1cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*
emcdocumentum_content_server7.2cpe:2.3:a:emc:documentum_content_server:7.2:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:P/I:P/A:C

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

68.7%

Related for NVD:CVE-2015-4535