| CVE-2014-4626 | Date: (C)2014-12-22 (M)2023-12-22 |
EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a privileged user or placing a rename action in a dm_job_request object and waiting for a (2) dm_UserRename or (3) dm_GroupRename service task, aka ESA-2014-105. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2515.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V2 Severity: |
| CVSS Score : 9.0 |
| Exploit Score: 8.0 |
| Impact Score: 10.0 |
| |
| CVSS V2 Metrics: |
| Access Vector: NETWORK |
| Access Complexity: LOW |
| Authentication: SINGLE |
| Confidentiality: COMPLETE |
| Integrity: COMPLETE |
| Availability: COMPLETE |
| | |
