Lucene search

PRIOn knowledge basePRION:CVE-2014-4629

HistoryDec 06, 2014 - 3:59 p.m.

Design/Logic Flaw

2014-12-0615:59:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.1%

JSON

EMC Documentum Content Server 7.0, 7.1 before 7.1 P10, and 6.7 before SP2 P19 allows remote authenticated users to read or delete arbitrary files via unspecified vectors related to an insecure direct object reference.

CPENameOperatorVersion
documentum_content_servereq6.7 sp2
documentum_content_servereq7.0
documentum_content_servereq7.1
documentum_content_servereq6.7
documentum_content_servereq6.7 sp1

Name	Operator	Version
documentum_content_server	eq	6.7 sp2
documentum_content_server	eq	7.0
documentum_content_server	eq	7.1
documentum_content_server	eq	6.7
documentum_content_server	eq	6.7 sp1

References

packetstormsecurity.com/files/129376/EMC-Documentum-Content-Server-Insecure-Direct-Object-Reference.html

www.securityfocus.com/archive/1/534135/100/0/threaded

www.securityfocus.com/bid/71422

www.securitytracker.com/id/1031298

exchange.xforce.ibmcloud.com/vulnerabilities/99085

6.8 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.1%

JSON

Related for PRION:CVE-2014-4629