PT-2014-3718 · Emc · Emc Documentum Foundation Services

Published

2014-02-06

Updated

2018-01-03

CVE-2014-0622

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC Documentum Foundation Services (DFS) versions 6.5 through 6.7 before 6.7 SP1 P22 EMC Documentum Foundation Services (DFS) version 6.7 SP2 before P08 EMC Documentum Foundation Services (DFS) version 7.0 before P12 EMC Documentum Foundation Services (DFS) version 7.1 before P01

Description The issue is related to the improper implementation of content uploading in the web service, allowing remote authenticated users to bypass intended content access restrictions.

Recommendations For versions 6.5 through 6.7 before 6.7 SP1 P22, update to 6.7 SP1 P22 or later. For version 6.7 SP2 before P08, update to 6.7 SP2 P08 or later. For version 7.0 before P12, update to 7.0 P12 or later. For version 7.1 before P01, update to 7.1 P01 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-0622

Affected Products

Emc Documentum Foundation Services

PT-2014-3718 · Emc · Emc Documentum Foundation Services

CVE-2014-0622

Weakness Enumeration

Related Identifiers

Affected Products

References · 6