NVD

Id
30922  
Name
CVE-2014-2504  
Description
EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language (DQL) queries by calling (1) a core method or (2) a D2FS web-service method.  
Reject
 
CVSS Version
2  
CVSS Score
9  
Severity
High  
CVSS Base Score
9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-05-25  
Modified Date
2014-06-18  
Seq
2014-2504  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
162622 30922 CVE-2014-2504 20140522 ESA-2014-045: EMC Documentum D2 Arbitrary DQL Query Execution Vulnerability  View
162623 30922 CVE-2014-2504 1030282  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
13758 JVNDB-2014-002633 EMC Documentum D2 におけるアクセス制限を回避される脆弱性 EMC Documentum D2 には、アクセス制限を回避され、任意の Documentum Query Language (DQL) クエリを実行される脆弱性が存在します。 CVE-2014-2504 69791 CVE-2014-2504 30922 9 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002633.html 2014-05-22 2014-05-28 View