CVE-2014-2506
EMC Documentum Content Server < 6.7 - Authenticated Privilege Escalation
Title source: llmDescription
EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to obtain super-user privileges for system-object creation, and bypass intended restrictions on data access and server actions, via unspecified vectors.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67917
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-06/0051.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030339
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/532596/100/0/threaded
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58954
Scores
EPSS
0.0101
EPSS Percentile
77.4%
Details
CWE
CWE-264
Status
published
Products (7)
emc/documentum_content_server
6.0
emc/documentum_content_server
6.5 (4 CPE variants)
emc/documentum_content_server
6.6
emc/documentum_content_server
6.7 (2 CPE variants)
emc/documentum_content_server
7.0
emc/documentum_content_server
7.1
emc/documentum_content_server
< 6.7
Published
Jun 08, 2014
Tracked Since
Feb 18, 2026