CVE-2015-4530
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebTop before 6.8P01, Documentum Administrator through 7.2, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to hijack the authentication of arbitrary users. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2518.
Vulnerabilidad de CSRF en EMC Documentum WebTop en versiones anteriores a 6.8P01, Documentum Administrator hasta la versión 7.2, Documentum Digital Assets Manager hasta la versión 6.5SP6, Documentum Web Publishers hasta la versión 6.5SP7 y Documentum Task Space hasta la versión 6.7SP2, permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios. NOTA: esta vulnerabilidad existe debido a una solución incompleta de la vulnerabilidad CVE-2014-2518.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-06-11 CVE Reserved
- 2015-08-18 CVE Published
- 2023-06-12 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/bugtraq/2015/Aug/87 | Mailing List |
|
| http://www.securityfocus.com/bid/76405 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Documentum Administrator Search vendor "Emc" for product "Documentum Administrator" | <= 7.2 Search vendor "Emc" for product "Documentum Administrator" and version " <= 7.2" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Digital Asset Manager Search vendor "Emc" for product "Documentum Digital Asset Manager" | <= 6.5 Search vendor "Emc" for product "Documentum Digital Asset Manager" and version " <= 6.5" | sp6 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Taskspace Search vendor "Emc" for product "Documentum Taskspace" | <= 6.7 Search vendor "Emc" for product "Documentum Taskspace" and version " <= 6.7" | sp2 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Web Publisher Search vendor "Emc" for product "Documentum Web Publisher" | <= 6.5 Search vendor "Emc" for product "Documentum Web Publisher" and version " <= 6.5" | sp7 |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Webtop Search vendor "Emc" for product "Documentum Webtop" | <= 6.8 Search vendor "Emc" for product "Documentum Webtop" and version " <= 6.8" | - |
Affected
| ||||||