[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities

To: "'bugtraq@xxxxxxxxxxxxxxxxx'" <bugtraq@xxxxxxxxxxxxxxxxx>, "'dm@xxxxxxxxxxxxxxxxx'" <dm@xxxxxxxxxxxxxxxxx>, Security Alert <Security_Alert@xxxxxxx>
Subject: ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities
From: Security Alert <Security_Alert@xxxxxxx>
Date: Mon, 30 Jun 2014 13:57:17 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities

EMC Identifier: ESA-2014-046

CVE Identifier:  CVE-2014-2506, CVE-2014-2507, CVE-2014-2508

Severity Rating: CVSS v2 Base Score: See below for individual scores

Affected products:  
?       All EMC Documentum Content Server versions of 7.1
?       All EMC Documentum Content Server versions of 7.0
?       All EMC Documentum Content Server versions of 6.7 SP2
?       All EMC Documentum Content Server versions of 6.7 SP1
?       All EMC Documentum Content Server versions prior to 6.7 SP1

Summary:  
EMC Documentum Content Server contains fixes for multiple security 
vulnerabilities that could be potentially exploited by malicious users to 
compromise the affected system. 

Details: 
EMC Documentum Content Server may be susceptible to the following 
vulnerabilities:

?       Privilege Escalation  (CVE-2014-2506):
Authenticated non-privileged users are allowed to create system objects with 
super user privileges due to improper authorization checks being performed on 
these objects. This could be potentially exploited by a malicious attacker to 
gain unauthorized access to data or to perform unauthorized actions on Content 
Server.
CVSS v2 Base Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)

?       Shell Injection (CVE-2014-2507):
Certain methods in Documentum Content Server perform improper validation checks 
on input arguments. This may be potentially exploited by an authenticated 
malicious user to conduct shell injection attacks against these methods and 
perform unauthorized actions on Content Server.
CVSS v2 Base Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)

?       DQL Injection (CVE-2014-2508):
Certain DQL hints in Documentum Content Server may be potentially exploited by 
an authenticated malicious user to conduct DQL injection attacks to access the 
database content without proper authorization. This issue only affects Content 
Server running on Oracle database. 
CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)


Resolution: 
The following versions contain the security fixes to address these 
vulnerabilities: 
?       EMC Documentum Content Server version 7.1 P05 and later
?       EMC Documentum Content Server version 7.0 - Hotfix is available for 
Windows & Linux in the below mentioned links. For Solaris and AIX contact EMC 
Support.  
?       EMC Documentum Content Server version 6.7 SP2 P14 and later
EMC Documentum Content Server version 6.7 SP1 - Hotfix is available for Windows 
& Linux in the below mentioned linksFor Solaris and AIX contact EMC Support. 
EMC strongly recommends all customers to upgrade to one of the above versions 
at the earliest opportunity.

Link to remedies:
Registered EMC Online Support customers can download patches and software from 
support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server

Contact EMC Technical Support to request the hotfixes.  

Credits: EMC would like to thank Pedro Laguna, from Pentura for reporting the 
issue CVE-2014-2508.


Read and use the information in this EMC Security Advisory to assist in 
avoiding any situation that might arise from the problems described herein. If 
you have any questions regarding this product alert, contact EMC Software 
Technical Support at 1-877-534-2867.

For an explanation of Severity Ratings, refer to EMC Knowledgebase solution 
emc218831. EMC recommends all customers take into account both the base score 
and any relevant temporal and environmental scores which may impact the 
potential severity associated with particular security vulnerability.

EMC Corporation distributes EMC Security Advisories, in order to bring to the 
attention of users of the affected EMC products, important security 
information. EMC recommends that all users determine the applicability of this 
information to their individual situations and take appropriate action. The 
information set forth herein is provided "as is" without warranty of any kind. 
EMC disclaims all warranties, either express or implied, including the 
warranties of merchantability, fitness for a particular purpose, title and 
non-infringement. In no event, shall EMC or its suppliers, be liable for any 
damages whatsoever including direct, indirect, incidental, consequential, loss 
of business profits or special damages, even if EMC or its suppliers have been 
advised of the possibility of such damages. Some states do not allow the 
exclusion or limitation of liability for consequential or incidental damages, 
so the foregoing limitation may not apply.

Product Security Response Center
security_alert@xxxxxxx


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Cygwin)

iEYEARECAAYFAlOxbDYACgkQtjd2rKp+ALw0QgCeKkLD7JAltuLXBemr53FFioUi
4pIAn214Rc2xIoPjnpxJe5ZwchEI/SlT
=Hpua
-----END PGP SIGNATURE-----

Prev by Date: ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability
Next by Date: SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS
Previous by thread: ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability
Next by thread: SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS
Index(es):
- Date
- Thread