Affected configuration(s):
cpe:/a:emc:documentum_content_server:6.0
cpe:/a:emc:documentum_content_server:6.5
cpe:/a:emc:documentum_content_server:6.5:sp1
cpe:/a:emc:documentum_content_server:6.5:sp2
cpe:/a:emc:documentum_content_server:6.5:sp3
cpe:/a:emc:documentum_content_server:6.6
cpe:/a:emc:documentum_content_server:6.7:-
cpe:/a:emc:documentum_content_server:6.7:sp1
cpe:/a:emc:documentum_content_server:6.7:sp2
cpe:/a:emc:documentum_content_server:7.0
cpe:/a:emc:documentum_content_server:7.1
Date published: 2014-06-08T00:31:53.363-04:00
Date last modified: 2014-07-24T00:59:35.147-04:00
CVSS Score: 8.5
Principal attack vector: NETWORK
Complexity: MEDIUM
Reference URL: http://archives.neohapsis.com/archives/bugtraq/2014-06/0051.html
Summary: EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to obtain super-user privileges for system-object creation, and bypass intended restrictions on data access and server actions, via unspecified vectors.