Search criteria
6 vulnerabilities found for engineering_plant_facilities_management_solution_for_documentum by emc
FKIE_CVE-2014-2518
Vulnerability from fkie_nvd - Published: 2014-08-20 11:17 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | digital_assets_manager | 6.5 | |
| emc | digital_assets_manager | 6.5 | |
| emc | digital_assets_manager | 6.5 | |
| emc | documentum_administrator | 6.7 | |
| emc | documentum_administrator | 6.7 | |
| emc | documentum_administrator | 6.7 | |
| emc | documentum_administrator | 7.0 | |
| emc | documentum_administrator | 7.1 | |
| emc | documentum_capital_projects | 1.8 | |
| emc | documentum_capital_projects | 1.9 | |
| emc | documentum_records_manager | 6.7 | |
| emc | documentum_records_manager | 6.7 | |
| emc | documentum_records_manager | 6.7 | |
| emc | documentum_wdk | 6.7 | |
| emc | documentum_wdk | 6.7 | |
| emc | documentum_webtop | 6.7 | |
| emc | documentum_webtop | 6.7 | |
| emc | documentum_webtop | 6.7 | |
| emc | engineering_plant_facilities_management_solution_for_documentum | 1.7 | |
| emc | task_space | 6.7 | |
| emc | task_space | 6.7 | |
| emc | web_publishers | 6.5 | |
| emc | web_publishers | 6.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8B2F44-0C11-4C5F-A9BF-370B2200C02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:sp5:*:*:*:*:*:*",
"matchCriteriaId": "1F9563AE-98CF-47FE-BD6F-DE6A16FCE9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:sp6:*:*:*:*:*:*",
"matchCriteriaId": "B3E8924B-2D5F-4C58-A52E-98D7EC559484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1008C754-6E61-438A-908E-A8B26E049707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0A289F06-4D31-4963-8D2F-D2E8F2146D5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E63A8B26-9B98-47CB-8CB6-896ACFC85FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34D56991-BEA6-4160-9E5C-4B7034DB1FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E97C5C13-EBDB-4906-8875-1D8D70C68206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_capital_projects:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA794FE-5435-4657-B064-C4431D22A575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_capital_projects:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0AED45-805C-4AE2-A12C-11F8710A7F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_records_manager:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A21F2EF8-62DD-4EB2-8395-16D243E83E21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_records_manager:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4C2C8EC9-1FC3-4527-A77C-279F718075EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_records_manager:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "42FD2B6A-3F23-415A-BF2B-32702EAD5BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_wdk:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3351A120-41F6-4C4C-94AD-4AF607D7837E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_wdk:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4B004E9E-0316-41C5-B299-E90C86CA6492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46F5211F-0307-4A35-A535-D6048FD25CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5AC64E73-EBBF-4851-BB86-394941CA4625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C3AA619F-A9DF-489C-A6BA-BF044B3C20BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:engineering_plant_facilities_management_solution_for_documentum:1.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "09A02ABE-068E-4916-874A-56E8C7714E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:task_space:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6953B52A-612A-4C25-B3BA-B633C011BE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:task_space:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "73A6B036-80E3-4714-B9D4-CFA6E03A32B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:web_publishers:6.5:sp6:*:*:*:*:*:*",
"matchCriteriaId": "7543EDA8-0F65-4099-AB80-D98685B11F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:web_publishers:6.5:sp7:*:*:*:*:*:*",
"matchCriteriaId": "967D249D-CC16-4F33-B4C6-3F096C410D1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de CSRF en EMC Documentum WDK anterior a 6.7SP1 P28 y 6.7SP2 anterior a P15 permiten a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios arbitrarios."
}
],
"id": "CVE-2014-2518",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-08-20T11:17:13.907",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://secunia.com/advisories/60563"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/69277"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id/1030742"
},
{
"source": "security_alert@emc.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2511
Vulnerability from fkie_nvd - Published: 2014-08-20 11:17 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | digital_assets_manager | 6.5 | |
| emc | digital_assets_manager | 6.5 | |
| emc | digital_assets_manager | 6.5 | |
| emc | documentum_administrator | 6.7 | |
| emc | documentum_administrator | 6.7 | |
| emc | documentum_administrator | 6.7 | |
| emc | documentum_administrator | 7.0 | |
| emc | documentum_administrator | 7.1 | |
| emc | documentum_capital_projects | 1.8 | |
| emc | documentum_capital_projects | 1.9 | |
| emc | documentum_webtop | 6.7 | |
| emc | documentum_webtop | 6.7 | |
| emc | documentum_webtop | 6.7 | |
| emc | engineering_plant_facilities_management_solution_for_documentum | 1.7 | |
| emc | engineering_plant_facilities_management_solution_for_documentum | 1.7 | |
| emc | records_client | 6.7 | |
| emc | records_client | 6.7 | |
| emc | records_client | 6.7 | |
| emc | task_space | 6.7 | |
| emc | task_space | 6.7 | |
| emc | task_space | 6.7 | |
| emc | web_publishers | 6.5 | |
| emc | web_publishers | 6.5 | |
| emc | web_publishers | 6.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8B2F44-0C11-4C5F-A9BF-370B2200C02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:sp5:*:*:*:*:*:*",
"matchCriteriaId": "1F9563AE-98CF-47FE-BD6F-DE6A16FCE9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:digital_assets_manager:6.5:sp6:*:*:*:*:*:*",
"matchCriteriaId": "B3E8924B-2D5F-4C58-A52E-98D7EC559484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1008C754-6E61-438A-908E-A8B26E049707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0A289F06-4D31-4963-8D2F-D2E8F2146D5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E63A8B26-9B98-47CB-8CB6-896ACFC85FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34D56991-BEA6-4160-9E5C-4B7034DB1FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_administrator:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E97C5C13-EBDB-4906-8875-1D8D70C68206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_capital_projects:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA794FE-5435-4657-B064-C4431D22A575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_capital_projects:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0AED45-805C-4AE2-A12C-11F8710A7F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46F5211F-0307-4A35-A535-D6048FD25CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5AC64E73-EBBF-4851-BB86-394941CA4625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:documentum_webtop:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C3AA619F-A9DF-489C-A6BA-BF044B3C20BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:engineering_plant_facilities_management_solution_for_documentum:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2348B52A-CE72-46FC-BC2F-037109752D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:engineering_plant_facilities_management_solution_for_documentum:1.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "09A02ABE-068E-4916-874A-56E8C7714E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:records_client:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA0CB76-D7A1-45D7-9A7C-3A5B078DEFF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:records_client:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5B1686DE-27ED-429B-AB2C-EAFE3DABB2FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:records_client:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "045CADF0-2588-42B0-B8A9-9BA0D4213681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:task_space:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "96E9E86B-DFD4-429B-BF45-81D9DEA5638F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:task_space:6.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6953B52A-612A-4C25-B3BA-B633C011BE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:task_space:6.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "73A6B036-80E3-4714-B9D4-CFA6E03A32B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:web_publishers:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFCCE-AE01-4AE7-84CC-D8E2519C0B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:web_publishers:6.5:sp6:*:*:*:*:*:*",
"matchCriteriaId": "7543EDA8-0F65-4099-AB80-D98685B11F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:web_publishers:6.5:sp7:*:*:*:*:*:*",
"matchCriteriaId": "967D249D-CC16-4F33-B4C6-3F096C410D1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en EMC Documentum WebTop anterior a 6.7 SP1 P28 y 6.7 SP2 anterior a P14 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro (1) startat o (2) entryId."
}
],
"id": "CVE-2014-2511",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-08-20T11:17:13.780",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://secunia.com/advisories/60561"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/69272"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id/1030741"
},
{
"source": "security_alert@emc.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-2518 (GCVE-0-2014-2518)
Vulnerability from cvelistv5 – Published: 2014-08-20 10:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60563"
},
{
"name": "69277",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69277"
},
{
"name": "20140818 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"name": "emc-cve20142518-csrf(95365)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
},
{
"name": "1030742",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "60563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60563"
},
{
"name": "69277",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69277"
},
{
"name": "20140818 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"name": "emc-cve20142518-csrf(95365)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
},
{
"name": "1030742",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-2518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60563",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60563"
},
{
"name": "69277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69277"
},
{
"name": "20140818 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"name": "emc-cve20142518-csrf(95365)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
},
{
"name": "1030742",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2014-2518",
"datePublished": "2014-08-20T10:00:00",
"dateReserved": "2014-03-14T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2511 (GCVE-0-2014-2511)
Vulnerability from cvelistv5 – Published: 2014-08-20 10:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "69272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69272"
},
{
"name": "emc-cve20142511-xss(95366)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
},
{
"name": "20140818 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"name": "60561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60561"
},
{
"name": "1030741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030741"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "69272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69272"
},
{
"name": "emc-cve20142511-xss(95366)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
},
{
"name": "20140818 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"name": "60561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60561"
},
{
"name": "1030741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030741"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-2511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69272"
},
{
"name": "emc-cve20142511-xss(95366)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
},
{
"name": "20140818 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"name": "60561",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60561"
},
{
"name": "1030741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030741"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2014-2511",
"datePublished": "2014-08-20T10:00:00",
"dateReserved": "2014-03-14T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2518 (GCVE-0-2014-2518)
Vulnerability from nvd – Published: 2014-08-20 10:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60563"
},
{
"name": "69277",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69277"
},
{
"name": "20140818 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"name": "emc-cve20142518-csrf(95365)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
},
{
"name": "1030742",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "60563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60563"
},
{
"name": "69277",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69277"
},
{
"name": "20140818 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"name": "emc-cve20142518-csrf(95365)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
},
{
"name": "1030742",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-2518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60563",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60563"
},
{
"name": "69277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69277"
},
{
"name": "20140818 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533159/30/0/threaded"
},
{
"name": "emc-cve20142518-csrf(95365)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95365"
},
{
"name": "1030742",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2014-2518",
"datePublished": "2014-08-20T10:00:00",
"dateReserved": "2014-03-14T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2511 (GCVE-0-2014-2511)
Vulnerability from nvd – Published: 2014-08-20 10:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "69272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69272"
},
{
"name": "emc-cve20142511-xss(95366)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
},
{
"name": "20140818 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"name": "60561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60561"
},
{
"name": "1030741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030741"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "69272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69272"
},
{
"name": "emc-cve20142511-xss(95366)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
},
{
"name": "20140818 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"name": "60561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60561"
},
{
"name": "1030741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030741"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-2511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69272"
},
{
"name": "emc-cve20142511-xss(95366)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95366"
},
{
"name": "20140818 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533160/30/0/threaded"
},
{
"name": "60561",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60561"
},
{
"name": "1030741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030741"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2014-2511",
"datePublished": "2014-08-20T10:00:00",
"dateReserved": "2014-03-14T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}