Vulnerability Details CVE-2014-1649
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.402
EPSS Ranking 97.2%
CVSS Severity
CVSS v2 Score 7.9
References
- http://www.exploit-db.com/exploits/33521
- http://www.securityfocus.com/bid/67189
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140512_00
- http://zerodayinitiative.com/advisories/ZDI-14-127/
- http://www.exploit-db.com/exploits/33521
- http://www.securityfocus.com/bid/67189
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140512_00
- http://zerodayinitiative.com/advisories/ZDI-14-127/
Products affected by CVE-2014-1649
-
cpe:2.3:a:symantec:workspace_streaming:6.1
-
cpe:2.3:a:symantec:workspace_streaming:7.5.0