ByteOS Network

NVD Vulnerability Details :

CVE-2014-4626

Deferred

Source-security_alert@emc.com

Published At-17 Dec, 2014 | 01:59

Updated At-12 Apr, 2025 | 10:46

EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a privileged user or placing a rename action in a dm_job_request object and waiting for a (2) dm_UserRename or (3) dm_GroupRename service task, aka ESA-2014-105. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2515.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-264	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.kb.cert.org/vuls/id/315340	security_alert@emc.com	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/386056	security_alert@emc.com	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/874632	security_alert@emc.com	Third Party Advisory US Government Resource
https://docs.google.com/spreadsheets/d/1DiiUPCPvmaliWcfwPSc36y2mDvuidkDKQBWqaIuJi0A/edit?usp=sharing	security_alert@emc.com	N/A
http://www.kb.cert.org/vuls/id/315340	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/386056	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/874632	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory US Government Resource
https://docs.google.com/spreadsheets/d/1DiiUPCPvmaliWcfwPSc36y2mDvuidkDKQBWqaIuJi0A/edit?usp=sharing	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History