CVE-2014-4634

Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
emcappsync
𝑥
≤ 2.0
emcreplication_manager
𝑥
≤ 5.5.2
emcreplication_manager
5.0
emcreplication_manager
5.1
emcreplication_manager
5.2
emcreplication_manager
5.3
emcreplication_manager
5.4
emcreplication_manager
5.4.3
emcreplication_manager
5.5
emcreplication_manager
5.5.1
𝑥
= Vulnerable software versions
References
http://archives.neohapsis.com/archives/bugtraq/2014-12/0170.html
http://archives.neohapsis.com/archives/bugtraq/2014-12/0170.html