CVE-2014-2520
EMC Documentum Code Execution / DQL Injection
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
EMC Documentum Content Server anterior a 6.7 SP2 P16 y 7.x anterior a 7.1 P07, cuando Oracle Database está utilizada, no restringe debidamente los hints DQL, lo que permite a usuarios remotos autenticados realizar ataques de inyección DQL y leer contenido sensible de la base de datos a través de una solicitud manipulada.
EMC Documentum suffers from code execution, DQL injection, information disclosure, and multiple openssl vulnerabilities. Nicolas Gregoire provided the following PoC for the DQL injection: x'+UNION+ALL+SELECT+'z',user_os_name,user_name,default_folder+FROM+dm_user+ENABLE+(RETURN_TOP+10);
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-03-14 CVE Reserved
- 2014-08-19 CVE Published
- 2017-02-16 First Exploit
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/60571 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/533162/30/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/69274 | Vdb Entry | |
| http://www.securitytracker.com/id/1030743 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/95369 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/141124 | 2017-02-16 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | <= 6.7 Search vendor "Emc" for product "Documentum Content Server" and version " <= 6.7" | sp2 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.0 Search vendor "Emc" for product "Documentum Content Server" and version "6.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.5 Search vendor "Emc" for product "Documentum Content Server" and version "6.5" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.5 Search vendor "Emc" for product "Documentum Content Server" and version "6.5" | sp1 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.5 Search vendor "Emc" for product "Documentum Content Server" and version "6.5" | sp2 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.5 Search vendor "Emc" for product "Documentum Content Server" and version "6.5" | sp3 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.6 Search vendor "Emc" for product "Documentum Content Server" and version "6.6" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.7 Search vendor "Emc" for product "Documentum Content Server" and version "6.7" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 6.7 Search vendor "Emc" for product "Documentum Content Server" and version "6.7" | sp1 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 7.0 Search vendor "Emc" for product "Documentum Content Server" and version "7.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Content Server Search vendor "Emc" for product "Documentum Content Server" | 7.1 Search vendor "Emc" for product "Documentum Content Server" and version "7.1" | - |
Affected
| ||||||