Vulnerability Details : CVE-2017-7220
OpenText Documentum Content Server allows superuser access via sys_obj_save or save of a crafted object, followed by an unauthorized "UPDATE dm_dbo.dm_user_s SET user_privileges=16" command, aka an "RPC save-commands" attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4532.
Vulnerability category: Input validation
Products affected by CVE-2017-7220
- cpe:2.3:a:opentext:documentum_content_server:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-7220
0.54%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-7220
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2017-7220
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-7220
-
https://gist.github.com/andreybpanfilov/e0e60ae9d525a34cca04eb4c89a21e04
CVE-2017-7220-02.py · GitHubExploit;Third Party Advisory
-
http://seclists.org/bugtraq/2017/Apr/61
Bugtraq: CVE-2017-7220. OpenText Documentum Content Server: privilege evaluation using crafted RPC save-commands.Exploit;Mailing List;Third Party Advisory
-
https://gist.github.com/andreybpanfilov/d8792484e13971982c0719ae59ab8c7c
CVE-2017-7220-01.py · GitHubExploit;Third Party Advisory
Jump to