Unvalidated Session-Timeout Values in EMC VPLEX GeoSynchrony GUI

Unvalidated Session-Timeout Values in EMC VPLEX GeoSynchrony GUI

CVE-2014-0633 · HIGH Severity

AV:A/AC:L/AU:S/C:C/I:C/A:C

The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation.

Learn more about our Web Application Penetration Testing UK.