CVE-2014-2507
Summary
| CVE | CVE-2014-2507 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-06-08 04:31:00 UTC |
| Updated | 2018-10-09 19:43:00 UTC |
| Description | EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to unspecified methods. |
Risk And Classification
Problem Types: CWE-78
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Emc | Documentum Content Server | 6.0 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp1 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp3 | All | All |
| Application | Emc | Documentum Content Server | 6.6 | All | All | All |
| Application | Emc | Documentum Content Server | 6.7 | - | All | All |
| Application | Emc | Documentum Content Server | 6.7 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 7.0 | All | All | All |
| Application | Emc | Documentum Content Server | 7.1 | All | All | All |
| Application | Emc | Documentum Content Server | 6.0 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | All | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp1 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 6.5 | sp3 | All | All |
| Application | Emc | Documentum Content Server | 6.6 | All | All | All |
| Application | Emc | Documentum Content Server | 6.7 | - | All | All |
| Application | Emc | Documentum Content Server | 6.7 | sp2 | All | All |
| Application | Emc | Documentum Content Server | 7.0 | All | All | All |
| Application | Emc | Documentum Content Server | 7.1 | All | All | All |
| Application | Emc | Documentum Content Server | All | sp1 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| EMC Documentum Content Server Flaws Let Remote Authenticated Users Gain Elevated Privileges and Inject DQL Commands - SecurityTracker | SECTRACK | www.securitytracker.com | |
| EMC Documentum Content Server Escalation / Injection ≈ Packet Storm | MISC | packetstormsecurity.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Security Advisory SA58954 - EMC Documentum Content Server Multiple Vulnerabilities - Secunia | SECUNIA | secunia.com | |
| EMC Documentum Content Server CVE-2014-2507 Shell Command Injection Vulnerability | BID | www.securityfocus.com | |
| 20140605 ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities | BUGTRAQ | archives.neohapsis.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.