CVE-2015-8798 in Critical System Protectioninfo

Summary

Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary code via unspecified vectors.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

02/02/2016

Disclosure

06/08/2016

Moderation

VulDB entry created

Entries

1: VDB-87771

CPE

ready

CWE

CWE-22 (Confirmed)

Exploit

Download

CVSS

7.1

EPSS

0.02929

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-8798
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-8798
CVE Details	https://www.cvedetails.com/cve/CVE-2015-8798/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!