6.5
CVE-2015-4524
- EPSS 0.9%
- Veröffentlicht 04.07.2015 14:59:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allows remote authenticated users to execute arbitrary code by uploading a file to the backend Content Server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Emc ≫ Documentum Administrator Version6.7 Updatesp1
Emc ≫ Documentum Administrator Version6.7 Updatesp2
Emc ≫ Documentum Administrator Version7.0
Emc ≫ Documentum Administrator Version7.1
Emc ≫ Documentum Administrator Version7.2
Emc ≫ Documentum Digital Asset Manager Version6.5 Updatesp6
Emc ≫ Documentum Taskspace Version6.7 Updatesp1
Emc ≫ Documentum Taskspace Version6.7 Updatesp2
Emc ≫ Documentum Web Publisher Version6.5 Updatesp7
Emc ≫ Documentum Webtop Version6.7 Updatesp1
Emc ≫ Documentum Webtop Version6.7 Updatesp2
Emc ≫ Documentum Webtop Version6.8
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.9% | 0.746 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.