1. Home
  2. CVE Database
  3. CVE-2014-0633
HIGH · 7.7

CVE-2014-0633

The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an u...

Vulnerability Description

The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation.

CVSS Score

7.7

HIGH

AV:A/AC:L/Au:S/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
EmcVplex Geosynchrony4.0

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2014-0633?

CVE-2014-0633 is a vulnerability with a CVSS score of 7.7 (HIGH). The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an u...

How severe is CVE-2014-0633?

CVE-2014-0633 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0633?

Check the references section above for vendor advisories and patch information. Affected products include: Emc Vplex Geosynchrony.