CVE-2016-0914
Last modified
CVE-2016-0914 is a vulnerability of currently unknown severity. EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface.. EPSS estimates a 1.30% chance of exploitation in the next 30 days.
Description
EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Emc | Documentum Administrator | 7.0 | — |
| Emc | Documentum Administrator | 7.1 | — |
| Emc | Documentum Administrator | 7.2 | — |
| Emc | Documentum Capital Projects | 1.9 | — |
| Emc | Documentum Capital Projects | 1.10 | — |
| Emc | Documentum Taskspace | 6.7 | Sp3 |
| Emc | Documentum Webtop | 6.8 | — |
| Emc | Documentum Webtop | 6.8.1 | — |
References
- http://seclists.org/bugtraq/2016/Jun/92Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1036153Third Party Advisory, VDB Entry
- http://seclists.org/bugtraq/2016/Jun/92Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1036153Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-0914?
How severe is CVE-2016-0914?
How do I fix CVE-2016-0914?
Are you affected by CVE-2016-0914?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST