5.8
CVE-2013-0939
- EPSS 0.22%
- Veröffentlicht 10.05.2013 11:42:30
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting" issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Emc ≫ Documentum Records Manager Version6.7
Emc ≫ Documentum Records Manager Version6.7 Updatesp1
Emc ≫ Documentum Taskspace Version6.7
Emc ≫ Documentum Taskspace Version6.7 Updatesp1
Emc ≫ Documentum Wdk Version6.7
Emc ≫ Documentum Wdk Version6.7 Updatesp1
Emc ≫ Documentum Webtop Version6.7
Emc ≫ Documentum Webtop Version6.7 Updatesp1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.421 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.