Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-2507

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to unspecified methods.

Published

2014-06-08T04:31:53.427

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 8.5 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: SINGLE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

6.8

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-78
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application emc documentum_content_server ≤ 6.7 Yes
Application emc documentum_content_server 6.0 Yes
Application emc documentum_content_server 6.5 Yes
Application emc documentum_content_server 6.5 Yes
Application emc documentum_content_server 6.5 Yes
Application emc documentum_content_server 6.5 Yes
Application emc documentum_content_server 6.6 Yes
Application emc documentum_content_server 6.7 Yes
Application emc documentum_content_server 6.7 Yes
Application emc documentum_content_server 7.0 Yes
Application emc documentum_content_server 7.1 Yes
References