Lucene search

[email protected]NVD:CVE-2014-2518

HistoryAug 20, 2014 - 11:17 a.m.

CVE-2014-2518

2014-08-2011:17:13

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

59.6%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.

Affected configurations

Nvd

Node

emcdigital_assets_managerMatch6.5

emcdigital_assets_managerMatch6.5sp5

emcdigital_assets_managerMatch6.5sp6

emcdocumentum_administratorMatch6.7

emcdocumentum_administratorMatch6.7sp1

emcdocumentum_administratorMatch6.7sp2

emcdocumentum_administratorMatch7.0

emcdocumentum_administratorMatch7.1

emcdocumentum_capital_projectsMatch1.8

emcdocumentum_capital_projectsMatch1.9

emcdocumentum_records_managerMatch6.7

emcdocumentum_records_managerMatch6.7sp1

emcdocumentum_records_managerMatch6.7sp2

emcdocumentum_wdkMatch6.7sp1

emcdocumentum_wdkMatch6.7sp2

emcdocumentum_webtopMatch6.7

emcdocumentum_webtopMatch6.7sp1

emcdocumentum_webtopMatch6.7sp2

emcengineering_plant_facilities_management_solution_for_documentumMatch1.7sp1

emctask_spaceMatch6.7sp1

emctask_spaceMatch6.7sp2

emcweb_publishersMatch6.5sp6

emcweb_publishersMatch6.5sp7

VendorProductVersionCPE
emcdigital_assets_manager6.5cpe:2.3:a:emc:digital_assets_manager:6.5:*:*:*:*:*:*:*
emcdigital_assets_manager6.5cpe:2.3:a:emc:digital_assets_manager:6.5:sp5:*:*:*:*:*:*
emcdigital_assets_manager6.5cpe:2.3:a:emc:digital_assets_manager:6.5:sp6:*:*:*:*:*:*
emcdocumentum_administrator6.7cpe:2.3:a:emc:documentum_administrator:6.7:*:*:*:*:*:*:*
emcdocumentum_administrator6.7cpe:2.3:a:emc:documentum_administrator:6.7:sp1:*:*:*:*:*:*
emcdocumentum_administrator6.7cpe:2.3:a:emc:documentum_administrator:6.7:sp2:*:*:*:*:*:*
emcdocumentum_administrator7.0cpe:2.3:a:emc:documentum_administrator:7.0:*:*:*:*:*:*:*
emcdocumentum_administrator7.1cpe:2.3:a:emc:documentum_administrator:7.1:*:*:*:*:*:*:*
emcdocumentum_capital_projects1.8cpe:2.3:a:emc:documentum_capital_projects:1.8:*:*:*:*:*:*:*
emcdocumentum_capital_projects1.9cpe:2.3:a:emc:documentum_capital_projects:1.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emc	digital_assets_manager	6.5	cpe:2.3:a:emc:digital_assets_manager:6.5:::::::*
emc	digital_assets_manager	6.5	cpe:2.3:a:emc:digital_assets_manager:6.5:sp5::::::
emc	digital_assets_manager	6.5	cpe:2.3:a:emc:digital_assets_manager:6.5:sp6::::::
emc	documentum_administrator	6.7	cpe:2.3:a:emc:documentum_administrator:6.7:::::::*
emc	documentum_administrator	6.7	cpe:2.3:a:emc:documentum_administrator:6.7:sp1::::::
emc	documentum_administrator	6.7	cpe:2.3:a:emc:documentum_administrator:6.7:sp2::::::
emc	documentum_administrator	7.0	cpe:2.3:a:emc:documentum_administrator:7.0:::::::*
emc	documentum_administrator	7.1	cpe:2.3:a:emc:documentum_administrator:7.1:::::::*
emc	documentum_capital_projects	1.8	cpe:2.3:a:emc:documentum_capital_projects:1.8:::::::*
emc	documentum_capital_projects	1.9	cpe:2.3:a:emc:documentum_capital_projects:1.9:::::::*