Remote Command Execution in Symantec Critical System Protection and Data Center Security
CVE-2014-3440

Currently unrated

Key Information:

Vendor

Broadcom
Status
Symantec Critical System Protection
Vendor
CVE Published:
21 January 2015

What is CVE-2014-3440?

The Agent Control Interface of the management server in specific versions of Symantec Critical System Protection and Symantec Data Center Security: Server Advanced allows authenticated users to execute arbitrary commands. By exploiting client-system access to upload log files, attackers can potentially gain control over the system, leading to significant security risks. Users are encouraged to update to the latest versions to mitigate potential threats associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2015/May/39
mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/bid/72091
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.