3 matches found
CVE-2014-1649
creationtimestamp| type| source ---|---|--- 2014-05-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33521 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/antivirus/symantecworkspacestreamingexec.rb 2025-02-06...
CVE-2014-1649
Symantec Workspace Streaming (SWS) server before 7.5.0.749 has an information disclosure/arbitrary file upload vulnerability in its XML-RPC handling (notably the ManagementAgentServer.putFile path), due to lack of proper access-control validation on XMLRPC requests. This allows remote, unauthenti...
Symantec Workspace Streaming XMLRPC Unauthenticated Access
SUMMARY The management server for Symantec Workspace Streaming SWS does not properly handle external XMLRPC requests, which could potentially allow unauthorized access to restricted server-side data and server functionality. A remote user could potential create a backdoor on the targeted server...