CVE-2015-4530
EMC Documentum WebTop < 6.8P01, Documentum Administrator <= 7.2 - Cross-Site Request Forgery
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebTop before 6.8P01, Documentum Administrator through 7.2, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to hijack the authentication of arbitrary users. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2518.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76405
Mailing List mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2015/Aug/87
Scores
EPSS
0.0012
EPSS Percentile
30.8%
Details
CWE
CWE-352
Status
published
Products (5)
emc/documentum_administrator
< 7.2
emc/documentum_digital_asset_manager
< 6.5
emc/documentum_taskspace
< 6.7
emc/documentum_web_publisher
< 6.5
emc/documentum_webtop
< 6.8
Published
Aug 20, 2015
Tracked Since
Feb 18, 2026