CVE-2014-0633
EMC VPLEX GeoSynchrony 4.x-5.x - Remote Code Execution via Session Timeout Validation
Title source: llmDescription
The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-03/0157.html
Scores
EPSS
0.0028
EPSS Percentile
51.0%
Details
CWE
CWE-20
Status
published
Products (5)
emc/vplex_geosynchrony
4.0
emc/vplex_geosynchrony
5.0
emc/vplex_geosynchrony
5.1
emc/vplex_geosynchrony
5.2
emc/vplex_geosynchrony
5.2.1
Published
Apr 01, 2014
Tracked Since
Feb 18, 2026