5.8
CVE-2013-6174
- EPSS 0.74%
- Published 21.11.2013 04:40:59
- Last modified 11.04.2025 00:51:21
- Source security_alert@emc.com
- Teams watchlist Login
- Open Login
Multiple open redirect vulnerabilities in xAdmin in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.
Data is provided by the National Vulnerability Database (NVD)
Emc ≫ Document Sciences Xpression Version4.1 Updatesp1 Edition- SwEditiondocumentum
Emc ≫ Document Sciences Xpression Version4.2 Update- Edition- SwEditiondocumentum
Emc ≫ Document Sciences Xpression Version4.5 Update- Edition- SwEditiondocumentum
Emc ≫ Document Sciences Xpression Version4.1 Updatesp1 Edition- SwEditionenterprise SwPlatform- HwPlatform-
Emc ≫ Document Sciences Xpression Version4.2 Update- Edition- SwEditionenterprise SwPlatform- HwPlatform-
Emc ≫ Document Sciences Xpression Version4.5 Update- Edition- SwEditionenterprise SwPlatform- HwPlatform-
Emc ≫ Document Sciences Xpression Version4.1 Updatesp1 Edition- SwEditionenterprise SwPlatform- HwPlatform-
Emc ≫ Document Sciences Xpression Version4.2 Update- Edition- SwEditionenterprise SwPlatform- HwPlatform-
Emc ≫ Document Sciences Xpression Version4.5 Update- Edition- SwEditionenterprise SwPlatform- HwPlatform-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.74% | 0.704 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.