Lucene search
HistoryFeb 07, 2014 - 4:52 a.m.
CVE-2014-1643
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0.002
Percentile
61.5%
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
Affected configurations
Node
symantecencryption_management_serverRangeβ€3.3.1
ORsymantecencryption_management_serverMatch3.3.0
ORsymantecencryption_management_serverMatch3.3.0mp1
ORsymantecencryption_management_serverMatch3.3.0mp2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | encryption_management_server | * | cpe:2.3:a:symantec:encryption_management_server:*:*:*:*:*:*:*:* |
| symantec | encryption_management_server | 3.3.0 | cpe:2.3:a:symantec:encryption_management_server:3.3.0:*:*:*:*:*:*:* |
| symantec | encryption_management_server | 3.3.0 | cpe:2.3:a:symantec:encryption_management_server:3.3.0:mp1:*:*:*:*:*:* |
| symantec | encryption_management_server | 3.3.0 | cpe:2.3:a:symantec:encryption_management_server:3.3.0:mp2:*:*:*:*:*:* |
Related
cve
cve
CVE-2014-1643
2014-02-07 04:52:04
packetstorm
packetstorm
Symantec PGP Universal Web Messenger Unauthorized Access
2014-02-15 00:00:00
symantec
symantec
prion
prion
Code injection
2014-02-07 04:52:00
cvelist
cvelist
CVE-2014-1643
2014-02-07 02:00:00
nessus
nessus
Symantec Encryption Management Server < 3.3.2 Information Disclosure
2014-02-14 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0.002
Percentile
61.5%
Related for NVD:CVE-2014-1643