CVE-2014-0629

high

Published 2014-03-06 · Modified 2026-05-06

CVSS v3

—

CVSS v2

8.5

VIR risk

8.5

Description

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Application impact

Vendor	Product	Versions	Fixed
emc	documentum_taskspace	`6.7`

References

http://seclists.org/bugtraq/2014/Mar/33
http://seclists.org/bugtraq/2014/Mar/33

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.