9

CVE-2014-4626

EPSS 1.2%
Published 17.12.2014 01:59:00
Last modified 12.04.2025 10:46:40
Source security_alert@emc.com
Teams watchlist Login
Open Login

EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a privileged user or placing a rename action in a dm_job_request object and waiting for a (2) dm_UserRename or (3) dm_GroupRename service task, aka ESA-2014-105.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2515.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Emc ≫ Documentum Content Server Updatesp1 Version <= 6.7

Emc ≫ Documentum Content Server Version6.7 Update-

Emc ≫ Documentum Content Server Version6.7 Updatesp2

Emc ≫ Documentum Content Server Version7.0

Emc ≫ Documentum Content Server Version7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.2%	0.782

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

http://www.kb.cert.org/vuls/id/315340

Third Party Advisory

US Government Resource

http://www.kb.cert.org/vuls/id/386056

Third Party Advisory

US Government Resource

http://www.kb.cert.org/vuls/id/874632

Third Party Advisory

US Government Resource

https://docs.google.com/spreadsheets/d/1DiiUPCPvmaliWcfwPSc36y2mDvuidkDKQBWqaIuJi0A/edit?usp=sharing

https://nvd.nist.gov/vuln/detail/CVE-2014-4626

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-4626

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-4626

EUVD