CVE-2015-4534

Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 allows remote authenticated users to execute arbitrary code by forging a signature for a query string that lacks the method_verb parameter.

CVSS v2.0 9.0 HIGH

9.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://seclists.org/bugtraq/2015/Aug/86
http://www.securityfocus.com/bid/76410
http://www.securitytracker.com/id/1033296

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:emc:documentum_content_server:6.7:sp1::::::
	cpe:2.3:a:emc:documentum_content_server:6.7:sp2::::::
	cpe:2.3:a:emc:documentum_content_server:7.0:::::::*
	cpe:2.3:a:emc:documentum_content_server:7.1:::::::*
	cpe:2.3:a:emc:documentum_content_server:7.2:::::::*

History

No history.

Information

Published : 2015-08-20 10:59

Updated : 2023-12-10 11:46

NVD link : CVE-2015-4534

Mitre link : CVE-2015-4534

CVE.ORG link : CVE-2015-4534

JSON object : View

Products Affected

emc

documentum_content_server

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2015-4534", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-08-20T10:59:16.060", "references": [{"url": "http://seclists.org/bugtraq/2015/Aug/86", "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/bid/76410", "source": "security_alert@emc.com"}, {"url": "http://www.securitytracker.com/id/1033296", "source": "security_alert@emc.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 allows remote authenticated users to execute arbitrary code by forging a signature for a query string that lacks the method_verb parameter."}, {"lang": "es", "value": "Vulnerabilidad en Java Method Server (JMS) en EMC Documentum Content Server en versiones anteriores a 6.7SP1 P32, 6.7SP2 en versiones anteriores a P25, 7.0 en versiones anteriores a P19, 7.1 en versiones anteriores a P16 y 7.2 en versiones anteriores a P02, permite a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario mediante la falsificaci\u00f3n de una firma para una cadena de consulta que carece del par\u00e1metro method_verb."}], "lastModified": "2017-09-21T01:29:09.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "414C33C7-CD76-49A4-9BE5-354860F2F635"}, {"criteria": "cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4E00544-98F6-439C-8F4D-822FCAE775CA"}, {"criteria": "cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8335062A-5A8E-4076-B351-7DFA19CEC818"}, {"criteria": "cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B283F797-6DAA-40E1-9FAB-16FCAA5241B4"}, {"criteria": "cpe:2.3:a:emc:documentum_content_server:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87453E34-AC8E-4C79-8486-B4888C621B1C"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}