9

CVE-2014-4626

EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a privileged user or placing a rename action in a dm_job_request object and waiting for a (2) dm_UserRename or (3) dm_GroupRename service task, aka ESA-2014-105.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2515.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EmcDocumentum Content Server Updatesp1 Version <= 6.7
EmcDocumentum Content Server Version6.7 Update-
EmcDocumentum Content Server Version6.7 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.99% 0.892
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9 8 10
AV:N/AC:L/Au:S/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.kb.cert.org/vuls/id/315340
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/386056
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/874632
Third Party Advisory
US Government Resource
https://docs.google.com/spreadsheets/d/1DiiUPCPvmaliWcfwPSc36y2mDvuidkDKQBWqaIuJi0A/edit?usp=sharing