CVE-2014-4634

Published: Dec 30, 2014Modified: May 6, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Affected (10)

Products: Emc: Appsync, Replication Manager

Emc

2 products

Appsync

Replication Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Emc Appsync	Up to 2.0

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Emc Replication Manager	Up to 5.5.2
Emc Replication Manager	Version 5.0
Emc Replication Manager	Version 5.1
Emc Replication Manager	Version 5.2
Emc Replication Manager	Version 5.3
Emc Replication Manager	Version 5.4.3
Emc Replication Manager	Version 5.4
Emc Replication Manager	Version 5.5.1
Emc Replication Manager	Version 5.5

References (2)

http://archives.neohapsis.com/archives/bugtraq/2014-12/0170.html

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2014-12/0170.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.