Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allows remote authenticated users to execute arbitrary code by uploading a file to the backend Content Server.
2015-07-04T14:59:01.917
2025-04-12T10:46:40.837
Deferred
CVSSv2: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | emc | documentum_administrator | 6.7 | Yes |
| Application | emc | documentum_administrator | 6.7 | Yes |
| Application | emc | documentum_administrator | 7.0 | Yes |
| Application | emc | documentum_administrator | 7.1 | Yes |
| Application | emc | documentum_administrator | 7.2 | Yes |
| Application | emc | documentum_digital_asset_manager | 6.5 | Yes |
| Application | emc | documentum_taskspace | 6.7 | Yes |
| Application | emc | documentum_taskspace | 6.7 | Yes |
| Application | emc | documentum_web_publisher | 6.5 | Yes |
| Application | emc | documentum_webtop | 6.7 | Yes |
| Application | emc | documentum_webtop | 6.7 | Yes |
| Application | emc | documentum_webtop | 6.8 | Yes |