CVE-2014-2518

Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
emcdigital_assets_manager
6.5
emcdigital_assets_manager
6.5:sp5
emcdigital_assets_manager
6.5:sp6
emcdocumentum_administrator
6.7
emcdocumentum_administrator
6.7:sp1
emcdocumentum_administrator
6.7:sp2
emcdocumentum_administrator
7.0
emcdocumentum_administrator
7.1
emcdocumentum_capital_projects
1.8
emcdocumentum_capital_projects
1.9
emcdocumentum_records_manager
6.7
emcdocumentum_records_manager
6.7:sp1
emcdocumentum_records_manager
6.7:sp2
emcdocumentum_wdk
6.7:sp1
emcdocumentum_wdk
6.7:sp2
emcdocumentum_webtop
6.7
emcdocumentum_webtop
6.7:sp1
emcdocumentum_webtop
6.7:sp2
emcengineering_plant_facilities_management_solution_for_documentum
1.7:sp1
emctask_space
6.7:sp1
emctask_space
6.7:sp2
emcweb_publishers
6.5:sp6
emcweb_publishers
6.5:sp7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/60563
http://www.securityfocus.com/archive/1/533159/30/0/threaded
http://www.securityfocus.com/bid/69277
http://www.securitytracker.com/id/1030742
https://exchange.xforce.ibmcloud.com/vulnerabilities/95365
http://secunia.com/advisories/60563
http://www.securityfocus.com/archive/1/533159/30/0/threaded
http://www.securityfocus.com/bid/69277
http://www.securitytracker.com/id/1030742
https://exchange.xforce.ibmcloud.com/vulnerabilities/95365