9

CVE-2014-4626

EPSS 1.2%
Veröffentlicht 17.12.2014 01:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a privileged user or placing a rename action in a dm_job_request object and waiting for a (2) dm_UserRename or (3) dm_GroupRename service task, aka ESA-2014-105.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2515.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Emc ≫ Documentum Content Server Updatesp1 Version <= 6.7

Emc ≫ Documentum Content Server Version6.7 Update-

Emc ≫ Documentum Content Server Version6.7 Updatesp2

Emc ≫ Documentum Content Server Version7.0

Emc ≫ Documentum Content Server Version7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.2%	0.782

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

http://www.kb.cert.org/vuls/id/315340

Third Party Advisory

US Government Resource

http://www.kb.cert.org/vuls/id/386056

Third Party Advisory

US Government Resource

http://www.kb.cert.org/vuls/id/874632

Third Party Advisory

US Government Resource

https://docs.google.com/spreadsheets/d/1DiiUPCPvmaliWcfwPSc36y2mDvuidkDKQBWqaIuJi0A/edit?usp=sharing

https://nvd.nist.gov/vuln/detail/CVE-2014-4626

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-4626

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-4626

EUVD