Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveDellCVE-2015-4532
HistoryAug 20, 2015 - 10:59 a.m.

CVE-2015-4532

2015-08-2010:59:14
CWE-264
dell
web.nvd.nist.gov
30
cve-2015-4532
emc documentum
content server
authorization check
remote code execution
nvd

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

8.6

Confidence

High

EPSS

0.009

Percentile

82.9%

JSON

EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization and does not properly restrict object types, which allows remote authenticated users to run save RPC commands with super-user privileges, and consequently execute arbitrary code, via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2514.

Affected configurations

Nvd
Node
emcdocumentum_content_serverMatch6.7sp1
OR
emcdocumentum_content_serverMatch6.7sp2
OR
emcdocumentum_content_serverMatch7.0
OR
emcdocumentum_content_serverMatch7.1
OR
emcdocumentum_content_serverMatch7.2
VendorProductVersionCPE
emcdocumentum_content_server6.7cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*
emcdocumentum_content_server6.7cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*
emcdocumentum_content_server7.0cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*
emcdocumentum_content_server7.1cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*
emcdocumentum_content_server7.2cpe:2.3:a:emc:documentum_content_server:7.2:*:*:*:*:*:*:*

Related

prion 3
cvelist 3
nvd 3
securityvulns 5
zdt 1
packetstorm 1
cve 2
nessus 2
cert 1
prion
prion
Authorization
2015-08-20 10:59:00
Design/Logic Flaw
2017-04-21 02:59:00
Authorization
2014-07-08 11:06:00
cvelist
cvelist
CVE-2015-4532
2015-08-20 10:00:00
CVE-2017-7220
2017-04-21 02:11:00
CVE-2014-2514
2014-07-08 10:00:00
nvd
nvd
CVE-2015-4532
2015-08-20 10:59:14
CVE-2017-7220
2017-04-21 02:59:00
CVE-2014-2514
2014-07-08 11:06:01
securityvulns
securityvulns
EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532)
2015-08-24 00:00:00
Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532)
2015-08-24 00:00:00
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities
2015-08-24 00:00:00
zdt
zdt
EMC Documentum Content Server Code Execution Vulnerability
2015-08-19 00:00:00
packetstorm
packetstorm
EMC Documentum Content Server Code Execution
2015-08-18 00:00:00
cve
cve
CVE-2017-7220
2017-04-21 02:59:00
CVE-2014-2514
2014-07-08 11:06:01
nessus
nessus
EMC Documentum Content Server Multiple Vulnerabilities (ESA-2015-131)
2015-08-19 00:00:00
EMC Documentum Content Server Multiple Vulnerabilities (ESA-2014-064)
2014-09-11 00:00:00
cert
cert
EMC Documentum products contain multiple vulnerabilities
2014-12-15 00:00:00

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

8.6

Confidence

High

EPSS

0.009

Percentile

82.9%

JSON
Related for CVE-2015-4532
prion3cvelist3nvd3securityvulns5zdt1packetstorm1cve2nessus2cert1