Shodan
Vulnerabilities
Vulnerable Software
Emc:  Security Vulnerabilities
CVE-2014-4618
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to gain privileges via a user-created system object.
CVSS Score
8.5
EPSS Score
0.01
Published
2014-08-20
CVE-2014-0640
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.002
Published
2014-08-20
CVE-2014-0641
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.
CVSS Score
6.8
EPSS Score
0.001
Published
2014-08-20
CVE-2014-2505
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.003
Published
2014-08-20
CVE-2014-2511
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-08-20
CVE-2014-2515
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a superuser ticket.
CVSS Score
8.5
EPSS Score
0.01
Published
2014-08-20
CVE-2014-2517
Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.
CVSS Score
6.5
EPSS Score
0.005
Published
2014-08-20
CVE-2014-2518
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
CVSS Score
6.8
EPSS Score
0.002
Published
2014-08-20
CVE-2014-2520
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
CVSS Score
6.3
EPSS Score
0.004
Published
2014-08-20
CVE-2014-2521
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command.
CVSS Score
6.3
EPSS Score
0.004
Published
2014-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved