Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2015-0551

CVE information

Published

8 years ago

Last Modified

7 years ago

CVSSv2.0 Severity

Low

Impact Analysis

Share

Description

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors..

CVSSv2.0 Score

Severity
Low
Base Score
3.5/10
Exploit Score
6.8/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
Single
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:emc:documentum_webtop:6.7:sp1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_administrator:6.7:sp2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_administrator:7.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_administrator:6.7:sp1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_webtop:6.8:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_webtop:6.7:sp2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_taskspace:6.7:sp2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_administrator:7.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_taskspace:6.7:sp1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_digital_asset_manager:6.5:sp6:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_web_publisher:6.5:sp7:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:emc:documentum_administrator:7.0:*:*:*:*:*:*:*
  Yes
- -

References