Lucene search
SymantecCVE-2014-7288HistoryFeb 01, 2015 - 2:59 a.m.
CVE-2014-7288
2015-02-0102:59:02
CWE-264
symantec
web.nvd.nist.gov
31
symantec
pgp
universal server
encryption management server
cve-2014-7288
security vulnerability
remote code execution
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
7.4
Confidence
Low
EPSS
0.111
Percentile
95.2%
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action.
Affected configurations
Node
symantecencryption_management_serverRange≤3.3.2mp6
ORsymantecpgp_universal_serverRange≤3.3.2mp6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | encryption_management_server | * | cpe:2.3:a:symantec:encryption_management_server:*:mp6:*:*:*:*:*:* |
| symantec | pgp_universal_server | * | cpe:2.3:a:symantec:pgp_universal_server:*:mp6:*:*:*:*:*:* |
References
Related
packetstorm
packetstorm
Symantec Encryption Gateway Remote Command Injection
2015-06-17 00:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2015-02-01 02:59:00
openvas
openvas
Symantec Encryption Management Server Local Command Injection Vulnerability
2015-06-18 00:00:00
cvelist
cvelist
CVE-2014-7288
2015-02-01 02:00:00
exploitdb
exploitdb
nvd
nvd
CVE-2014-7288
2015-02-01 02:59:02
symantec
symantec
nessus
nessus
Symantec Encryption Management Server < 3.3.2 MP7 Multiple Vulnerabilities
2015-02-05 00:00:00
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
7.4
Confidence
Low
EPSS
0.111
Percentile
95.2%
Related for CVE-2014-7288