1. CVE-Search
  2. CVE-2013-6182
ID CVE-2013-6182
Summary Unquoted Windows search path vulnerability in EMC Replication Manager before 5.5 allows local users to gain privileges via a crafted application in a parent directory of an intended directory. Per: http://cwe.mitre.org/data/definitions/428.html "CWE-428: Unquoted Search Path or Element"
References
Vulnerable Configurations
  • cpe:2.3:a:emc:replication_manager:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.2:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.2:*:client:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.2:*:client:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.4:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 08-01-2014 - 04:42)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 64520
bugtraq 20131224 ESA-2013-092: EMC Replication Manager Unquoted File Path Enumeration Vulnerability
confirm http://packetstormsecurity.com/files/124584/EMC-Replication-Manager-Unquoted-File-Path-Enumeration.html
osvdb 101430
sectrack 1029536
Last major update 08-01-2014 - 04:42
Published 28-12-2013 - 04:53
Last modified 08-01-2014 - 04:42
Back to Top