PT-2014-4756 · Emc · Emc Documentum Wdk

Published

2014-08-20

Updated

2017-08-29

CVE-2014-2518

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions EMC Documentum WDK versions prior to 6.7SP1 P28 EMC Documentum WDK versions prior to 6.7SP2 P15

Description The issue allows remote attackers to hijack the authentication of arbitrary users due to multiple cross-site request forgery (CSRF) vulnerabilities.

Recommendations For versions prior to 6.7SP1 P28, update to 6.7SP1 P28 or later. For versions prior to 6.7SP2 P15, update to 6.7SP2 P15 or later.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2014-2518

Affected Products

Emc Documentum Wdk

PT-2014-4756 · Emc · Emc Documentum Wdk

CVE-2014-2518

Weakness Enumeration

Related Identifiers

Affected Products

References · 7