CVE-2014-4622

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-4622
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server actions, via unspecified vectors.

7.1 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:S/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://archives.neohapsis.com/archives/bugtraq/2014-09/0093.html
http://secunia.com/advisories/61251
http://www.securityfocus.com/bid/69819
http://www.securitytracker.com/id/1030855
https://exchange.xforce.ibmcloud.com/vulnerabilities/95990
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:emc:documentum_content_server:*:sp2:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.7:-:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*
History

No history.

Information

Published : 2014-09-17 10:55

Updated : 2023-12-10 11:31

NVD link : CVE-2014-4622

Mitre link : CVE-2014-4622

CVE.ORG link : CVE-2014-4622

JSON object : View

Products Affected

emc

  • documentum_content_server
CWE
CWE-264

Permissions, Privileges, and Access Controls