Vulnerability Details : CVE-2015-4529
Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Documentum Administrator before 7.2P01, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
Vulnerability category: Open redirect
Products affected by CVE-2015-4529
- cpe:2.3:a:emc:documentum_administrator:*:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_webtop:*:*:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_taskspace:*:sp2:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_digital_asset_manager:*:sp6:*:*:*:*:*:*
- cpe:2.3:a:emc:documentum_web_publisher:*:sp7:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-4529
0.25%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-4529
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
References for CVE-2015-4529
-
http://www.securityfocus.com/bid/75930
Multiple EMC Documentum Products CVE-2015-4529 Unspecified Open Redirection Vulnerability
-
http://seclists.org/bugtraq/2015/Jul/81
Bugtraq: ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability
-
http://www.securitytracker.com/id/1032965
EMC Documentum WebTop Lets Remote Users Redirect the Target User to an Arbitrary Site - SecurityTracker
Jump to