CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
9.5%
Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.
Vendor | Product | Version | CPE |
---|---|---|---|
symantec | workspace_streaming | 6.1 | cpe:2.3:a:symantec:workspace_streaming:6.1:sp8:*:*:*:*:*:* |
symantec | workspace_streaming | 7.5 | cpe:2.3:a:symantec:workspace_streaming:7.5:sp1:*:*:*:*:*:* |