Lucene search

[email protected]CVE-2014-2511

HistoryAug 20, 2014 - 11:17 a.m.

CVE-2014-2511

2014-08-2011:17:13

CWE-79

[email protected]

web.nvd.nist.gov

cve-2014-2511

emc documentum

webtop

xss

vulnerabilities

remote attackers

web script

html

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

Affected configurations

NVD

Node

emcdigital_assets_managerMatch6.5

emcdigital_assets_managerMatch6.5sp5

emcdigital_assets_managerMatch6.5sp6

emcdocumentum_administratorMatch6.7

emcdocumentum_administratorMatch6.7sp1

emcdocumentum_administratorMatch6.7sp2

emcdocumentum_administratorMatch7.0

emcdocumentum_administratorMatch7.1

emcdocumentum_capital_projectsMatch1.8

emcdocumentum_capital_projectsMatch1.9

emcdocumentum_webtopMatch6.7

emcdocumentum_webtopMatch6.7sp1

emcdocumentum_webtopMatch6.7sp2

emcengineering_plant_facilities_management_solution_for_documentumMatch1.7

emcengineering_plant_facilities_management_solution_for_documentumMatch1.7sp1

emcrecords_clientMatch6.7

emcrecords_clientMatch6.7sp1

emcrecords_clientMatch6.7sp2

emctask_spaceMatch6.7

emctask_spaceMatch6.7sp1

emctask_spaceMatch6.7sp2

emcweb_publishersMatch6.5

emcweb_publishersMatch6.5sp6

emcweb_publishersMatch6.5sp7

CPENameOperatorVersion
emc:digital_assets_manageremc digital assets managereq6.5
emc:documentum_administratoremc documentum administratoreq6.7
emc:documentum_administratoremc documentum administratoreq7.0
emc:documentum_administratoremc documentum administratoreq7.1
emc:documentum_capital_projectsemc documentum capital projectseq1.8
emc:documentum_capital_projectsemc documentum capital projectseq1.9
emc:documentum_webtopemc documentum webtopeq6.7
emc:engineering_plant_facilities_management_solution_for_documentumemc engineering plant facilities management solution for documentumeq1.7
emc:records_clientemc records clienteq6.7
emc:task_spaceemc task spaceeq6.7

CPE	Name	Operator	Version
emc:digital_assets_manager	emc digital assets manager	eq	6.5
emc:documentum_administrator	emc documentum administrator	eq	6.7
emc:documentum_administrator	emc documentum administrator	eq	7.0
emc:documentum_administrator	emc documentum administrator	eq	7.1
emc:documentum_capital_projects	emc documentum capital projects	eq	1.8
emc:documentum_capital_projects	emc documentum capital projects	eq	1.9
emc:documentum_webtop	emc documentum webtop	eq	6.7
emc:engineering_plant_facilities_management_solution_for_documentum	emc engineering plant facilities management solution for documentum	eq	1.7
emc:records_client	emc records client	eq	6.7
emc:task_space	emc task space	eq	6.7

Rows per page:

1-10 of 111

References

secunia.com/advisories/60561

www.securityfocus.com/archive/1/533160/30/0/threaded

www.securityfocus.com/bid/69272

www.securitytracker.com/id/1030741

exchange.xforce.ibmcloud.com/vulnerabilities/95366

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%

JSON

Related for CVE-2014-2511

securityvulns2 cvelist1 prion1 nvd1