Vulnerabilities > CVE-2014-4639 - Numeric Errors vulnerability in EMC Documentum WDK 6.7

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
emc
CWE-189

Summary

EMC Documentum Web Development Kit (WDK) before 6.8 does not properly generate random numbers for a certain parameter related to Webtop components, which makes it easier for remote attackers to conduct phishing attacks via brute-force attempts to predict the parameter value.

Vulnerable Configurations

Part Description Count
Application
Emc
1

Common Weakness Enumeration (CWE)