Vulnerabilities > CVE-2013-6182 - Unspecified vulnerability in EMC Replication Manager
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unquoted Windows search path vulnerability in EMC Replication Manager before 5.5 allows local users to gain privileges via a crafted application in a parent directory of an intended directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
Seebug
| bulletinFamily | exploit |
| description | Bugtraq ID:64520 CVE ID:CVE-2013-6182 EMC Replication Manager是一款通过统一的管理控制台管理复制技术并协调整个数据复制过程的解决方案。 EMC Replication Manager允许在文件路径中包含未加引号元素的脚本,允许用户创建包含空格或其他分隔符元素的脚本,可访问父路径中的资源并执行,可提升权限。 0 EMC Replication Manager 厂商补丁: EMC ----- EMC Replication Manager 5.5.0已经修复该漏洞,建议用户下载更新: https://support.emc.com/products/1293 |
| id | SSV:61234 |
| last seen | 2017-11-19 |
| modified | 2013-12-30 |
| published | 2013-12-30 |
| reporter | Root |
| title | EMC Replication Manager文件路径处理本地权限提升漏洞 |
References
- http://archives.neohapsis.com/archives/bugtraq/2013-12/0139.html
- http://archives.neohapsis.com/archives/bugtraq/2013-12/0139.html
- http://osvdb.org/101430
- http://osvdb.org/101430
- http://packetstormsecurity.com/files/124584/EMC-Replication-Manager-Unquoted-File-Path-Enumeration.html
- http://packetstormsecurity.com/files/124584/EMC-Replication-Manager-Unquoted-File-Path-Enumeration.html
- http://www.securityfocus.com/bid/64520
- http://www.securityfocus.com/bid/64520
- http://www.securitytracker.com/id/1029536
- http://www.securitytracker.com/id/1029536