CVE-2014-2506

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to obtain super-user privileges for system-object creation, and bypass intended restrictions on data access and server actions, via unspecified vectors.

Published: Jun 8, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-2506
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
emc / documentum_content_server	6.7	6.7.x
emc / documentum_content_server	6.7-sp2	6.7-sp2.x
emc / documentum_content_server	7.0	7.0.x
emc / documentum_content_server	-	6.7.x
emc / documentum_content_server	6.0	6.0.x
emc / documentum_content_server	6.5-sp2	6.5-sp2.x
emc / documentum_content_server	6.5	6.5.x
emc / documentum_content_server	6.6	6.6.x
emc / documentum_content_server	6.5-sp1	6.5-sp1.x
emc / documentum_content_server	7.1	7.1.x
emc / documentum_content_server	6.5-sp3	6.5-sp3.x

http://archives.neohapsis.com/archives/bugtraq/2014-06/0051.html
http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html
http://secunia.com/advisories/58954
http://www.securityfocus.com/archive/1/532596/100/0/threaded
http://www.securityfocus.com/bid/67917
http://www.securitytracker.com/id/1030339

Vulnerability Database

289,784

CVE-2014-2506