CVE-2014-0629

Severity

85%

Complexity

68%

Confidentiality

165%

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation.

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation.

CVSS 2.0 Base Score 8.5. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:S/C:C/I:C/A:C).

Overview

Type

EMC Documentum Taskspace 6.7 Service Pack

First reported 11 years ago

2014-03-06 11:55:00

Last updated 11 years ago

2014-03-07 19:16:00

Affected Software

EMC Documentum Taskspace 6.7 Service Pack 1

6.7

EMC Documentum Taskspace 6.7 Service Pack 2

6.7

References

20140305 ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.