CVE-2011-4144 - Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before S

CVE-2011-4144

Summary

Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges.

References

http://archives.neohapsis.com/archives/bugtraq/2012-02/0005.html

Vulnerable Configurations

cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*
cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-02-2012 - 05:00)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:S/C:C/I:C/A:C

refmap via4

bugtraq

20120201 ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability

Last major update

16-02-2012 - 05:00

Published

02-02-2012 - 04:09

Last modified

16-02-2012 - 05:00