Multiple Documentum Products CVE-2014-2518 Multiple Cross Site Request Forgery Vulnerabilities
BID:69277
Info
Multiple Documentum Products CVE-2014-2518 Multiple Cross Site Request Forgery Vulnerabilities
| Bugtraq ID: | 69277 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-2518 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 18 2014 12:00AM |
| Updated: | Dec 16 2014 06:57AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Multiple Documentum Products CVE-2014-2518 Multiple Cross Site Request Forgery Vulnerabilities
Multiple Documentum Products are prone to multiple cross-site request-forgery vulnerabilities.
An attacker can exploit these issues to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
Multiple Documentum Products are prone to multiple cross-site request-forgery vulnerabilities.
An attacker can exploit these issues to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
Exploit / POC
Multiple Documentum Products CVE-2014-2518 Multiple Cross Site Request Forgery Vulnerabilities
To exploit these issues an attacker must entice an unsuspecting victim to open a malicious URI.
To exploit these issues an attacker must entice an unsuspecting victim to open a malicious URI.
Solution / Fix
Multiple Documentum Products CVE-2014-2518 Multiple Cross Site Request Forgery Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Multiple Documentum Products CVE-2014-2518 Multiple Cross Site Request Forgery Vulnerabilities
References:
References:
- EMC Homepage (EMC)