Directory Traversal Vulnerability in Symantec Workspace Streaming and Virtualization Products
CVE-2016-2205

5.7MEDIUM

Key Information:

Vendor

Symantec
Status
Workspace Virtualization
Workspace Streaming
Vendor
CVE Published:
12 July 2016

What is CVE-2016-2205?

A directory traversal vulnerability exists in the file-download configuration of the management console for both Symantec Workspace Streaming and Symantec Workspace Virtualization. This vulnerability permits remote authenticated users to potentially read sensitive application files, thus exposing critical information through various, albeit unspecified, vectors. Addressing this vulnerability is crucial to maintaining the security integrity of affected installations.

References

http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/89395
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036263
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.