MEDIUM🇵🇱 Wersja polska

CVE-2017-14754

CVSS 6.5v3.0pub. 2017-10-03upd. 2026-05-13

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Arbitrary File Read: /xAdmin/html/cm_datasource_group_xsd.jsp, parameter: xsd_datasource_schema_file filename. In order for this vulnerability to be exploited, an attacker must authenticate to the application first.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Opentext Document Sciences Xpression

    APP
    Opentext
    ≤ 4.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2017-14759CRITICAL9.8ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14960HIGH7.5ten sam produkt

xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13...

CVE-2017-14757HIGH8.8ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14758HIGH8.8ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14755MEDIUM6.1ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...