Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-4636

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-4636
Last Modified 07 Jan 2015 09:18:31
Published 06 Jan 2015 09:59:17
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-4636

Summary

Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perform Docbase operations.

Vulnerable Systems

Application

  • Emc Documentum Wdk 6.7


References

BUGTRAQ - 20150105 ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities


Last Updated: 27 May 2016 10:57:40