20,212 questions
Hi
I would go with:
"D:\Program Files (x86)\Codeless Platforms\QLTaskCentre\iwsqlea.exe" nonclustered MSSQLSERVER
Gary.
Unquoted Service Path vulnerability
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 69%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
johnk
46
Reputation points
We have had a vulnerability scan carried out which highlighted several unquoted service path vulnerabilities.
These have so far been straightforward to resolve.
However there is one i am hoping someone can give a bit of guidance on
D:\Program Files (x86)\Codeless Platforms\QLTaskCentre\iwsqlea.exe nonclustered MSSQLSERVER
do the quote marks go after the .exe part of the path as in
"D:\Program Files (x86)\Codeless Platforms\QLTaskCentre\iwsqlea.exe" nonclustered MSSQLSERVER
or
"D:\Program Files (x86)\Codeless Platforms\QLTaskCentre\iwsqlea.exe nonclustered MSSQLSERVER"
Thanks
John
Windows for business | Windows Server | User experience | Other
Windows for business | Windows Server | Devices and deployment | Configure application groups
Accepted answer
1 additional answer
Sort by: Most helpful
-
johnk 46 Reputation points
2022-08-16T13:48:38.887+00:00 Thanks Gary
That was my gut instinct but wanted to double check