Lucene search
K
SymantecData Center Security

6 matches found

CVE
CVE
added 2015/01/21 11:0 a.m.78 views

CVE-2014-9226

CVE-2014-9226 affects Symantec Data Center Security: Server Advanced (SDCS:SA) version 6.0 MP1 and Symantec Critical System Protection (SCSP) 5.2.9 MP6. The SEC Consult advisory documents multiple default Protection Policy bypasses in the SDCS:SA Client and related components that allow an unauth...

7.2CVSS7.9AI score0.01544EPSS
CVE
CVE
added 2015/01/21 11:0 a.m.63 views

CVE-2014-7289

CVE-2014-7289 is a SQL injection vulnerability in the management server of Symantec Data Center Security: Server Advanced (SDCS:SA) and Symantec Critical System Protection (SCSP). Affected versions include SCSP 5.2.9 before MP6 and SDCS:SA 6.0.x before 6.0 MP1, with exploitation via the /sis-ui/a...

6.5CVSS8.6AI score0.04554EPSS
CVE
CVE
added 2020/04/06 7:22 p.m.60 views

CVE-2020-5832

CVE-2020-5832 affects Symantec Data Center Security Manager Component prior to 6.8.2 (6.8 MP2). The vulnerability is a privilege escalation in which an attacker may attempt to gain elevated access to protected resources. Mitigation is upgrading to version 6.8.2 (6.8 MP2); Symantec’s advisories an...

7.8CVSS7.9AI score0.00383EPSS
CVE
CVE
added 2015/01/21 11:0 a.m.59 views

CVE-2014-9225

The CVE-2014-9225 issue affects the ajaxswing webui in the Symantec Critical System Protection (SCSP) management server and the Symantec Data Center Security: Server Advanced (SDCS:SA) server. Affected versions are SCSP 5.2.9 through MP6 and SDCS:SA 6.0.x through 6.0 MP1. The vulnerability enable...

4CVSS7.7AI score0.0922EPSS
CVE
CVE
added 2015/01/21 11:0 a.m.55 views

CVE-2014-3440

CVE-2014-3440 affects Symantec Critical System Protection (SCSP) 5.2.9.x before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1. The issue is an remote code execution vulnerability due to improper sanitization of user-uploaded log files in the Management Serv...

9CVSS8.6AI score0.03306EPSS
CVE
CVE
added 2015/01/21 11:0 a.m.54 views

CVE-2014-9224

CVE-2014-9224 is a cross-site scripting vulnerability in the ajaxswing webui of the Symantec Critical System Protection (SCSP) Management Console and Symantec Data Center Security: Server Advanced (SDCS:SA). It allows remote authenticated users to inject arbitrary web script or HTML, via unspecif...

3.5CVSS6.5AI score0.04591EPSS