Lucene search

PRIOn knowledge basePRION:CVE-2015-4544

HistorySep 04, 2015 - 1:59 a.m.

Authorization

2015-09-0401:59:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.0%

JSON

EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 does not properly verify authorization for dm_job object access, which allows remote authenticated users to obtain superuser privileges via crafted object operations. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4626.

CPENameOperatorVersion
documentum_content_servereq7.2
documentum_content_servereq7.1

CPE	Name	Operator	Version
	documentum_content_server	eq	7.2
	documentum_content_server	eq	7.1

References

packetstormsecurity.com/files/133441/EMC-Documentum-Content-Server-Privilege-Escalation.html

seclists.org/bugtraq/2015/Sep/18

6.5 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for PRION:CVE-2015-4544