CVE-2014-7288

Currently unrated

Key Information:

Vendor: Symantec
Status: Encryption Management Server; Pgp Universal Server
Vendor: CVE Published:; 1 February 2015

Summary

Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action.

References

http://www.securitytracker.com/id/1031673

vdb-entryx_refsource_SECTRACK

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.exploit-db.com/exploits/35949

exploitx_refsource_EXPLOIT-DB

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 1, 2015
Vulnerability Reserved
Oct 2, 2014