CVE-2014-2518 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-2518 PUBLISHED CVSS 6.800000190734863 MEDIUM

Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.

EPSS 0.20% · 42.0th percentile

Risk Scores

CVSS v2.0

6.800000190734863

EPSS Score

0.20%

42.0th percentile

Affected Products

Vendor	Product	Versions
emc	digital_assets_manager	6.5, 6.5, 6.5
emc	documentum_wdk	6.7, 6.7
emc	task_space	6.7, 6.7
emc	documentum_webtop	6.7, 6.7, 6.7
emc	web_publishers	6.5, 6.5
emc	documentum_capital_projects	1.8, 1.9
emc	documentum_administrator	6.7, 6.7, 6.7
emc	documentum_records_manager	6.7, 6.7, 6.7
n/a	n/a	n/a
emc	engineering_plant_facilities_management_solution_for_documentum	1.7

Timeline

Aug 20, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://seclists.org/bugtraq/2014/Aug/att-92/ESA-2014-067.txt advisory
http://seclists.org/bugtraq/2014/Aug/att-93/ESA-2014-079.txt advisory
http://seclists.org/bugtraq/2014/Aug/att-90/ESA-2014-073.txt advisory
http://seclists.org/bugtraq/2014/Aug/att-91/ESA-2014-059.txt advisory
60563 third-party-advisory
69277 vdb
20140818 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities mailing-list
emc-cve20142518-csrf(95365) vdb
1030742 vdb
https://nvd.nist.gov/vuln/detail/CVE-2014-2518 advisory

Open in Interactive Console →