Remote Command Execution Vulnerability in Symantec PGP Universal Server and Encryption Management Server
CVE-2014-7288

Currently unrated

Key Information:

Vendor

Symantec
Status
Encryption Management Server
Pgp Universal Server
Vendor
CVE Published:
1 February 2015

What is CVE-2014-7288?

The Symantec PGP Universal Server and Encryption Management Server prior to version 3.3.2 MP7 are susceptible to a vulnerability that allows remote authenticated administrators to execute arbitrary shell commands. This exposure arises from improperly validated input during a database-backup restore operation, enabling attackers to craft malicious command lines. A successful exploitation could lead to unauthorized control and manipulation of system commands, posing a significant security risk. Organizations should ensure that they are running an updated version of the software to mitigate the potential threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1031673
vdb-entryx_refsource_SECTRACK
http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM
http://www.exploit-db.com/exploits/35949
exploitx_refsource_EXPLOIT-DB

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.