Dimensions Cm Security Vulnerabilities and Issues — Dimensions Cm CVE List

Lucene search

SerenaDimensions Cm

2 matches found

CVE•added 2014/03/06 11:55 a.m.•42 views

CVE-2014-0336

Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI.

6.8CVSS7.3AI score0.00066EPSS

CVE•added 2014/03/06 11:55 a.m.•31 views

CVE-2014-0335

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2) DB_NAME, (3) DM_HOST, (4) MAN_DB_NAME, (5) framecmd, (6) identifier, (7) merant.adm.adapters.AdmDia...

4.3CVSS5.9AI score0.00589EPSS