FKIE_CVE-2017-14527

Vulnerability from fkie_nvd - Published: 2017-09-28 01:29 - Updated: 2026-05-13 00:24
Severity
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a (1) crafted DTD, involving unspecified XML structures in a request to xda/com/documentum/ucf/server/transport/impl/GAIRConnector or crafted XML file in a MediaProfile file (2) import or (3) check in.
References
cve@mitre.orghttp://seclists.org/fulldisclosure/2017/Sep/58Exploit, Mailing List, Third Party Advisory
cve@mitre.orghttps://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774Permissions Required
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2017/Sep/58Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774Permissions Required
Impacted products
Vendor Product Version
opentext documentum_administrator 7.2.0180.0055
opentext documentum_webtop 6.8.0160.0073
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:opentext:documentum_administrator:7.2.0180.0055:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEEBDA29-6EC7-4E2D-A74A-3967AE2C6458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opentext:documentum_webtop:6.8.0160.0073:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C082233-5926-436C-B55D-99349345A9F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a (1) crafted DTD, involving unspecified XML structures in a request to xda/com/documentum/ucf/server/transport/impl/GAIRConnector or crafted XML file in a MediaProfile file (2) import or (3) check in."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de XEE (XML External Entity) en la versi\u00f3n 6.8.0160.0073 de OpenText Documentum Webtop permiten que los usuarios autenticados remotos listen el contenido de directorios remotos, lean archivos arbitrarios, provoquen una denegaci\u00f3n de servicio o, en Windows, obtengan hashes de usuario Documentum mediante (1) un archivo DTD manipulado, que implica estructuras XML sin especificar en una petici\u00f3n a xda/com/documentum/ucf/server/transport/impl/GAIRConnector o un archivo XML manipulado en un archivo MediaProfile (2) importado o (3) insertado en el repositorio."
    }
  ],
  "id": "CVE-2017-14527",
  "lastModified": "2026-05-13T00:24:29.033",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-28T01:29:01.590",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2017/Sep/58"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2017/Sep/58"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.