Vulnerability Details : CVE-2014-4622
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server actions, via unspecified vectors.
Products affected by CVE-2014-4622
- cpe:2.3:a:emc:documentum_content_server:*:sp2:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.7:-:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_content_server:6.7:sp1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4622
0.32%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-4622
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.1
|
HIGH | AV:N/AC:H/Au:S/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2014-4622
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-4622
-
http://archives.neohapsis.com/archives/bugtraq/2014-09/0093.html
-
http://secunia.com/advisories/61251
Sign in
-
http://www.securityfocus.com/bid/69819
EMC Documentum Content Server CVE-2014-4622 Remote Privilege Escalation Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/95990
EMC Documentum Content Server privilege escalation CVE-2014-4622 Vulnerability Report
-
http://www.securitytracker.com/id/1030855
EMC Documentum Content Server Flaws Let Remote Authenticated Users Gain Elevated Privileges - SecurityTracker
Jump to