CVE-2014-4637
First published: Wed Jan 07 2015(Updated: )
Open redirect vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Documentum WDK | <=6.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-4637?
CVE-2014-4637 is rated as a medium severity vulnerability due to its potential for exploitation in phishing attacks.
How do I fix CVE-2014-4637?
To mitigate CVE-2014-4637, update the EMC Documentum Web Development Kit to version 6.8 or later.
What software is affected by CVE-2014-4637?
CVE-2014-4637 affects EMC Documentum Web Development Kit versions prior to 6.8, specifically versions up to 6.7.
What type of attack does CVE-2014-4637 allow?
CVE-2014-4637 allows remote attackers to perform open redirect attacks, potentially leading to phishing.
Can CVE-2014-4637 be exploited remotely?
Yes, CVE-2014-4637 can be exploited remotely by an attacker to redirect users to arbitrary websites.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- agent/author
- agent/first-publish-date
- agent/source
- vendor/emc
- canonical/emc documentum wdk
- version/emc documentum wdk/6.7