VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 8, 2014· Updated May 6, 2026

CVE-2014-2508

CVE-2014-2508

Description

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on database actions via vectors involving DQL hints.

Affected products

12
  • EMC Corporation/Documentum Content Server12 versions
    cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:emc:documentum_content_server:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:6.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:6.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:6.5:sp3:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:6.7:-:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:6.7:sp2:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:documentum_content_server:*:sp1:*:*:*:*:*:*range: <=6.7
    • (no CPE)range: <6.7 SP1 P28, <6.7 SP2 P14, <7.0 P15, <7.1 P05

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.