Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveDellCVE-2015-4534
HistoryAug 20, 2015 - 10:59 a.m.

CVE-2015-4534

2015-08-2010:59:16
CWE-20
dell
web.nvd.nist.gov
29
cve
emc documentum content server
java method server
jms
remote code execution
signature forgery
nvd

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.008

Percentile

81.6%

JSON

Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 allows remote authenticated users to execute arbitrary code by forging a signature for a query string that lacks the method_verb parameter.

Affected configurations

Nvd
Node
emcdocumentum_content_serverMatch6.7sp1
OR
emcdocumentum_content_serverMatch6.7sp2
OR
emcdocumentum_content_serverMatch7.0
OR
emcdocumentum_content_serverMatch7.1
OR
emcdocumentum_content_serverMatch7.2
VendorProductVersionCPE
emcdocumentum_content_server6.7cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*
emcdocumentum_content_server6.7cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*
emcdocumentum_content_server7.0cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*
emcdocumentum_content_server7.1cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*
emcdocumentum_content_server7.2cpe:2.3:a:emc:documentum_content_server:7.2:*:*:*:*:*:*:*

Related

prion 1
cvelist 1
nvd 1
nessus 1
securityvulns 2
prion
prion
Design/Logic Flaw
2015-08-20 10:59:00
cvelist
cvelist
CVE-2015-4534
2015-08-20 10:00:00
nvd
nvd
CVE-2015-4534
2015-08-20 10:59:16
nessus
nessus
EMC Documentum Content Server Multiple Vulnerabilities (ESA-2015-131)
2015-08-19 00:00:00
securityvulns
securityvulns
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities
2015-08-24 00:00:00
EMC Documentum multiple security vulnerabilities
2015-09-14 00:00:00

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.008

Percentile

81.6%

JSON
Related for CVE-2015-4534
prion1cvelist1nvd1nessus1securityvulns2