CVE-2014-0642
Summary
| CVE | CVE-2014-0642 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-04-15 23:13:00 UTC |
| Updated | 2014-04-16 14:03:00 UTC |
| Description | EMC Documentum Content Server before 6.7 SP1 P26, 6.7 SP2 before P13, 7.0 before P13, and 7.1 before P02 allows remote authenticated users to bypass intended access restrictions and read metadata from certain folders via unspecified vectors. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Emc | Documentum Content Server | 6.0 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp1 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp3 | All | All |
| Application | Emc | Documentum Content Server | 6.6 | All | All | All |
| Application | Emc | Documentum Content Server | 6.7 | - | All | All |
| Application | Emc | Documentum Content Server | 6.7 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 7.0 | All | All | All |
| Application | Emc | Documentum Content Server | 7.1 | All | All | All |
| Application | Emc | Documentum Content Server | 6.0 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp1 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp3 | All | All |
| Application | Emc | Documentum Content Server | 6.6 | All | All | All |
| Application | Emc | Documentum Content Server | 6.7 | - | All | All |
| Application | Emc | Documentum Content Server | 6.7 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 7.0 | All | All | All |
| Application | Emc | Documentum Content Server | 7.1 | All | All | All |
| Application | Emc | Documentum Content Server | All | sp1 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Yuri Simione na Twitterze: "SecurityFocus ESA-2014-026 http://t.co/xGIn20dc6a my public credit from Emc (thanks!) regarding a documentum vulnerability." | MISC | twitter.com | |
| 20140411 ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability | BUGTRAQ | archives.neohapsis.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.