Directory Traversal Vulnerability in Symantec Embedded Security Products
CVE-2015-8799

7.6HIGH

What is CVE-2015-8799?

A directory traversal vulnerability exists in the Management Server of several Symantec Embedded Security products. This issue allows remote authenticated users to manipulate update-package data and write it to arbitrary agent locations. This could lead to unauthorized access and potential exploitation of system resources. Users are strongly advised to apply the necessary updates to mitigate risks associated with this vulnerability.

References

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2015-8799 : Directory Traversal Vulnerability in Symantec Embedded Security Products