Vulnerability Description
The web service in EMC Documentum Foundation Services (DFS) 6.5 through 6.7 before 6.7 SP1 P22, 6.7 SP2 before P08, 7.0 before P12, and 7.1 before P01 does not properly implement content uploading, which allows remote authenticated users to bypass intended content access restrictions via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Documentum Foundation Services | 6.5 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2014-02/0007.html
- http://osvdb.org/102949
- http://secunia.com/advisories/56845
- http://www.securityfocus.com/bid/65398
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90982
- http://archives.neohapsis.com/archives/bugtraq/2014-02/0007.html
- http://osvdb.org/102949
- http://secunia.com/advisories/56845
- http://www.securityfocus.com/bid/65398
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90982
FAQ
What is CVE-2014-0622?
CVE-2014-0622 is a vulnerability with a CVSS score of 9.0 (HIGH). The web service in EMC Documentum Foundation Services (DFS) 6.5 through 6.7 before 6.7 SP1 P22, 6.7 SP2 before P08, 7.0 before P12, and 7.1 before P01 does not properly implement content uploading, wh...
How severe is CVE-2014-0622?
CVE-2014-0622 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0622?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Documentum Foundation Services.