Skip to main content

Documentum Content Server CVE-2017-15013

HIGH
Improper Privilege Management (CWE-269)
2017-10-13 cve@mitre.org
8.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 13, 2017 - 16:29 cve.org
HIGH 8.8

DescriptionCVE.org

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, which are queryable and "editable" (before release 7.2P02, any authenticated user was able to edit dmr_content objects; now any authenticated user may delete a dmr_content object and then create a new one with the old identifier) by authenticated users; this allows any authenticated user to replace the content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges.

AnalysisAI

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, which are queryable and "editable" (before release 7.2P02, any authenticated user was able to edit dmr_content objects; now any authenticated user may delete a dmr_content object and then create a new one with the old identifier) by authenticated users; this allows any authenticated user to replace the content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges. Affected products include: Opentext Documentum Content Server. Version information: through 7.3.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.

CVE-2017-15012 HIGH POC
8.8 Oct 13

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the i

CVE-2017-15276 HIGH POC
8.8 Oct 13

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design ga

CVE-2017-7221 HIGH POC
8.8 Apr 25

OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote aut

CVE-2017-5585 HIGH POC
8.8 Feb 22

OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and re

CVE-2017-7220 HIGH POC
8.8 Apr 21

OpenText Documentum Content Server allows superuser access via sys_obj_save or save of a crafted object, followed by an

CVE-2023-31871 HIGH POC
7.8 May 18

OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Doc

CVE-2015-4533 CRITICAL
9.0 Aug 20

EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 d

CVE-2015-4534 CRITICAL
9.0 Aug 20

Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 befo

CVE-2015-4532 CRITICAL
9.0 Aug 20

EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 d

CVE-2014-4626 CRITICAL
9.0 Dec 17

EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote a

CVE-2017-15014 MEDIUM POC
4.3 Oct 13

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design ga

CVE-2014-4629 CRITICAL
9.0 Dec 06

EMC Documentum Content Server 7.0, 7.1 before 7.1 P10, and 6.7 before SP2 P19 allows remote authenticated users to read

Share

CVE-2017-15013 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy