CVE-2015-4544
EMC Documentum Content Server < 7.1P20 and 7.2.x < 7.2P04 - Authenticated Privilege Escalation via dm_job Object Access
Title source: llmDescription
EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 does not properly verify authorization for dm_job object access, which allows remote authenticated users to obtain superuser privileges via crafted object operations. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4626.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/133441/EMC-Documentum-Content-Server-Privilege-Escalation.html
Mailing List mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2015/Sep/18
Scores
EPSS
0.0053
EPSS Percentile
67.4%
Details
CWE
CWE-264
Status
published
Products (2)
emc/documentum_content_server
7.1
emc/documentum_content_server
7.2
Published
Sep 04, 2015
Tracked Since
Feb 18, 2026