VDB
CVE-2014-4622
CVE-2014-4622
PUBLISHED
CVSS 7.099999904632568 HIGH
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server actions, via unspecified vectors.
EPSS 0.42% · 62.4th percentile
Risk Scores
CVSS 2.0
7.099999904632568
EPSS Score
0.42%
62.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| emc | documentum_content_server | 6.0, 6.5, 6.5 |
Timeline
- Sep 17, 2014 CVE Published
- Aug 19, 2015 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 17, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- 61251 third-party-advisory
- 20140915 ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities mailing-list
- emc-documentum-cve20144622-priv-esc(95990) vdb
- 69819 vdb
- 1030855 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2014-4622 advisory