CVE-2017-2766

Опубликовано: 03 фев. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Ссылки

http://www.securityfocus.com/archive/1/540077/30/0/threaded
Patch
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/95893
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/540077/30/0/threaded
Patch
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/95893
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:emc:documentum_eroom:7.4.4:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_eroom:7.4.4:sp1:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_eroom:7.4.5:*:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_eroom:7.4.5:p01:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_eroom:7.4.5:p02:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_eroom:7.4.5:p03:*:*:*:*:*:*

cpe:2.3:a:emc:documentum_eroom:7.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00786

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-640

Связанные уязвимости

GHSA-fgmj-4xc2-m385