Lucene search

PRIOn knowledge basePRION:CVE-2014-2514

HistoryJul 08, 2014 - 11:06 a.m.

Authorization

2014-07-0811:06:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

8.2 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:C/I:C/A:P

0.009 Low

EPSS

Percentile

82.4%

JSON

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization and does not properly restrict object types, which allows remote authenticated users to run save RPC commands with super-user privileges, and consequently execute arbitrary code, via unspecified vectors.

CPENameOperatorVersion
documentum_content_servereq6.7
documentum_content_servereq6.7 sp2
documentum_content_servereq7.0
documentum_content_serverle6.7
documentum_content_servereq7.1

Name	Operator	Version
documentum_content_server	eq	6.7
documentum_content_server	eq	6.7 sp2
documentum_content_server	eq	7.0
documentum_content_server	le	6.7
documentum_content_server	eq	7.1

References

archives.neohapsis.com/archives/bugtraq/2014-07/0024.html

secunia.com/advisories/59757

www.securityfocus.com/bid/68436

www.securitytracker.com/id/1030529

7.5 High

AI Score

Confidence

Low

8.2 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:C/I:C/A:P

0.009 Low

EPSS

Percentile

82.4%

JSON

Related for PRION:CVE-2014-2514