CVE-2014-0622

medium

Description

The web service in EMC Documentum Foundation Services (DFS) 6.5 through 6.7 before 6.7 SP1 P22, 6.7 SP2 before P08, 7.0 before P12, and 7.1 before P01 does not properly implement content uploading, which allows remote authenticated users to bypass intended content access restrictions via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90982

http://www.securityfocus.com/bid/65398

http://secunia.com/advisories/56845

http://osvdb.org/102949

http://archives.neohapsis.com/archives/bugtraq/2014-02/0007.html

Details

Source: Mitre, NVD

Published: 2014-02-06

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00477