Version(s): 6.7 SP2 P19, 7.1 P10; and later versions
A vulnerability was reported in EMC Documentum Content Server. A remote authenticated user can gain elevated privileges on the target system.
A remote authenticated user with limited privileges can exploit an insecure direct object reference flaw to gain read access or delete arbitrary files stored on the target Content Server or on network shares accessible from the target Content Server.
A remote authenticated user can read or delete files on the target system.
The vendor has issued a hotfix for versions 6.7 SP1 and 7.0 (Advisory ESA-2014-156).