Authorization

2014-09-1710:55:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.1%

JSON

EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server actions, via unspecified vectors.

CPENameOperatorVersion
documentum_content_servereq6.7
documentum_content_servereq7.0
documentum_content_servereq6.0
documentum_content_servereq6.5 sp2
documentum_content_servereq6.5
documentum_content_servereq6.6
documentum_content_servereq6.5 sp1
documentum_content_servereq7.1
documentum_content_serverle6.7
documentum_content_servereq6.5 sp3

Name	Operator	Version
documentum_content_server	eq	6.7
documentum_content_server	eq	7.0
documentum_content_server	eq	6.0
documentum_content_server	eq	6.5 sp2
documentum_content_server	eq	6.5
documentum_content_server	eq	6.6
documentum_content_server	eq	6.5 sp1
documentum_content_server	eq	7.1
documentum_content_server	le	6.7
documentum_content_server	eq	6.5 sp3