Lucene search

PRIOn knowledge basePRION:CVE-2014-4634

HistoryDec 30, 2014 - 3:59 p.m.

Design/Logic Flaw

2014-12-3015:59:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CPENameOperatorVersion
appsyncle2.0
replication_managereq5.3
replication_managerle5.5.2
replication_managereq5.5.1
replication_managereq5.5
replication_managereq5.1
replication_managereq5.2
replication_managereq5.4
replication_managereq5.4.3
replication_managereq5.0

Name	Operator	Version
appsync	le	2.0
replication_manager	eq	5.3
replication_manager	le	5.5.2
replication_manager	eq	5.5.1
replication_manager	eq	5.5
replication_manager	eq	5.1
replication_manager	eq	5.2
replication_manager	eq	5.4
replication_manager	eq	5.4.3
replication_manager	eq	5.0

References

archives.neohapsis.com/archives/bugtraq/2014-12/0170.html

6.9 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2014-4634