CVE-2016-0914

Опубликовано: 23 июн. 2016

Источник: nvd

CVSS3: 6.3

CVSS2: 6.5

EPSS Низкий

Описание

EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface.

Ссылки

http://seclists.org/bugtraq/2016/Jun/92
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036153
Third Party Advisory
VDB Entry
http://seclists.org/bugtraq/2016/Jun/92
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036153
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:emc:documentum_administrator:7.0:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_administrator:7.1:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_administrator:7.2:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_capital_projects:1.9:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_capital_projects:1.10:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_taskspace:6.7:sp3:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_webtop:6.8:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_webtop:6.8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.0016

Низкий

6.3 Medium

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-h29m-55jq-jm6f