CVE-2014-2514
EMC Documentum Content Server < 6.7 SP1 P28, 6.7 SP2 < P15, 7.0 < P15, 7.1 < P06 - Privilege Escalation via Save RPC
Title source: llmDescription
EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization and does not properly restrict object types, which allows remote authenticated users to run save RPC commands with super-user privileges, and consequently execute arbitrary code, via unspecified vectors.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030529
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59757
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68436
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-07/0024.html
Scores
EPSS
0.0219
EPSS Percentile
84.6%
Details
CWE
CWE-20
Status
published
Products (4)
emc/documentum_content_server
6.7 (2 CPE variants)
emc/documentum_content_server
7.0
emc/documentum_content_server
7.1
emc/documentum_content_server
< 6.7
Published
Jul 08, 2014
Tracked Since
Feb 18, 2026