CVE-2014-4622

Sažetak

EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server actions, via unspecified vectors.

Reference

http://archives.neohapsis.com/archives/bugtraq/2014-09/0093.html
http://secunia.com/advisories/61251
http://www.securityfocus.com/bid/69819
http://www.securitytracker.com/id/1030855
https://exchange.xforce.ibmcloud.com/vulnerabilities/95990

CVSS

Base:	7.1
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:35

Objavljeno

17-09-2014 - 10:55