CVE-2014-4634 — MEDIUM (4.6)

Q: How severe is CVE-2014-4634?

CVE-2014-4634 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-4634?

Check the references section above for vendor advisories and patch information. Affected products include: Emc Appsync, Emc Replication Manager.

Vulnerability Description

Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Emc	Appsync	<= 2.0
Emc	Replication Manager	<= 5.5.2

References

FAQ

What is CVE-2014-4634?

CVE-2014-4634 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed o...

How severe is CVE-2014-4634?

CVE-2014-4634 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-4634?

Check the references section above for vendor advisories and patch information. Affected products include: Emc Appsync, Emc Replication Manager.