CVE-2014-4637

Open redirect vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:N
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
emcdocumentum_wdk
𝑥
≤ 6.7
𝑥
= Vulnerable software versions
References
http://archives.neohapsis.com/archives/bugtraq/2015-01/0009.html
http://packetstormsecurity.com/files/129822/EMC-Documentum-Web-Development-Kit-XSS-CSRF-Redirection-Injection.html
http://www.securitytracker.com/id/1031497
http://archives.neohapsis.com/archives/bugtraq/2015-01/0009.html
http://packetstormsecurity.com/files/129822/EMC-Documentum-Web-Development-Kit-XSS-CSRF-Redirection-Injection.html
http://www.securitytracker.com/id/1031497