Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-7287
HistoryFeb 01, 2015 - 2:59 a.m.

CVE-2014-7287

2015-02-0102:59:01
CWE-74
[email protected]
web.nvd.nist.gov
22
symantec
pgp
universal server
encryption management
cve-2014-7287
vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.1%

JSON

The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header.

Affected configurations

NVD
Node
symantecencryption_management_serverRange3.3.2mp6
OR
symantecpgp_universal_serverRange3.3.2mp6

Related

nvd 1
prion 1
cvelist 1
nessus 1
symantec 1
nvd
nvd
CVE-2014-7287
2015-02-01 02:59:01
prion
prion
Code injection
2015-02-01 02:59:00
cvelist
cvelist
CVE-2014-7287
2015-02-01 02:00:00
nessus
nessus
Symantec Encryption Management Server < 3.3.2 MP7 Multiple Vulnerabilities
2015-02-05 00:00:00
symantec
symantec
Symantec Encryption Management Server Database Backup Command Line Injection and Email Header Inject
2015-01-29 08:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.1%

JSON
Related for CVE-2014-7287
nvd1prion1cvelist1nessus1symantec1