Unquoted Service Path vulnerability

johnk 46 Reputation points
2022-08-16T13:20:52.857+00:00

We have had a vulnerability scan carried out which highlighted several unquoted service path vulnerabilities.

These have so far been straightforward to resolve.

However there is one i am hoping someone can give a bit of guidance on

D:\Program Files (x86)\Codeless Platforms\QLTaskCentre\iwsqlea.exe nonclustered MSSQLSERVER

do the quote marks go after the .exe part of the path as in

"D:\Program Files (x86)\Codeless Platforms\QLTaskCentre\iwsqlea.exe" nonclustered MSSQLSERVER

or

"D:\Program Files (x86)\Codeless Platforms\QLTaskCentre\iwsqlea.exe nonclustered MSSQLSERVER"

Thanks

John

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,032 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,712 questions
0 comments No comments
{count} votes

1 additional answer

Sort by: Most helpful
  1. johnk 46 Reputation points
    2022-08-16T13:48:38.887+00:00

    Thanks Gary

    That was my gut instinct but wanted to double check

    0 comments No comments