CVE-2014-4629

Published: Dec 6, 2014Modified: May 6, 2026

9.0

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 8.0 / Impact: 10.0

Source: NVD

Description

EMC Documentum Content Server 7.0, 7.1 before 7.1 P10, and 6.7 before SP2 P19 allows remote authenticated users to read or delete arbitrary files via unspecified vectors related to an insecure direct object reference.

Affected (5)

Products: Emc: Documentum Content Server

1 product

Documentum Content Server

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Emc Documentum Content Server	Version 6.7
Emc Documentum Content Server	Version 6.7 sp1
Emc Documentum Content Server	Version 6.7 sp2
Emc Documentum Content Server	Version 7.0
Emc Documentum Content Server	Version 7.1

Related CWEs

References (10)

http://packetstormsecurity.com/files/129376/EMC-Documentum-Content-Server-Insecure-Direct-Object-Reference.html

Source: security_alert@emc.com

http://www.securityfocus.com/archive/1/534135/100/0/threaded

Source: security_alert@emc.com

http://www.securityfocus.com/bid/71422

Source: security_alert@emc.com

http://www.securitytracker.com/id/1031298

Source: security_alert@emc.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/99085

Source: security_alert@emc.com

http://packetstormsecurity.com/files/129376/EMC-Documentum-Content-Server-Insecure-Direct-Object-Reference.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/534135/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/71422

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1031298

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/99085

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.