Lucene search
K
SymantecEncryption Management Server

9 matches found

CVE
CVE
added 2018/08/20 6:0 p.m.102 views

CVE-2018-5243

CVE-2018-5243 affects the Symantec Encryption Management Server (SEMS) prior to version 3.4.2 MP1 . The issue is described as a denial-of-service vulnerability; the exact root cause is not detailed in the provided documents. Impact is listed as DoS with partial to high availability impact dependi...

7.5CVSS7.4AI score0.01791EPSS
CVE
CVE
added 2014/02/07 2:0 a.m.63 views

CVE-2014-1643

Symantec Encryption Management Server (aka PGP Universal Server) Web Email Protection prior to 3.3.2 is vulnerable: an authenticated Web Messenger/Remote user can alter a URL to view another user’s stored outbound emails due to a flaw in Web Email Protection’s access restrictions. Affected versio...

4CVSS6.1AI score0.00747EPSS
Web
CVE
CVE
added 2016/02/18 10:0 p.m.57 views

CVE-2015-8148

CVE-2015-8148 affects Symantec Encryption Management Server (SEMS) LDAP service. SEMS 3.3.2 before MP12 is vulnerable to an information-disclosure via crafted LDAP requests that allows an unauthenticated remote attacker to obtain sensitive information about administrator accounts. This is part of...

7.5CVSS7.9AI score0.01601EPSS
CVE
CVE
added 2015/02/01 2:0 a.m.53 views

CVE-2014-7288

Symantec Encryption Management Server (and PGP Universal Server) prior to 3.3.2 MP7 is affected by CVE-2014-7288. The issue allows an authenticated administrator to execute arbitrary shell commands via a crafted database-backup restore command. OpenVAS identifies it as a local command-injection v...

9CVSS7.4AI score0.08116EPSS
Web
CVE
CVE
added 2016/02/18 10:0 p.m.52 views

CVE-2015-8151

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 is affected by CVE-2015-8151, a web UI command-injection vulnerability. An authenticated remote user with console administrator access can cause arbitrary OS commands to run with elevated privileges due to improper input sanitization ...

9.1CVSS9.2AI score0.01853EPSS
CVE
CVE
added 2016/02/18 10:0 p.m.51 views

CVE-2015-8149

The CVE-2015-8149 entry concerns Symantec Encryption Management Server (SEMS) LDAP service. Affects SEMS 3.3.2 prior to MP12; the LDAP service can be exploited remotely by sending crafted LDAP requests to trigger heap memory corruption and a service outage (DoS). The issue is described as a remot...

7.5CVSS8.3AI score0.0193EPSS
CVE
CVE
added 2015/02/01 2:0 a.m.48 views

CVE-2014-7287

CVE-2014-7287 affects Symantec Encryption Management Server (aka Symantec PGP Universal Server) before 3.3.2 MP7. The root cause is in the key-management component, where specially formatted PGP key UIDs in inbound mail can trigger unintended content in outbound emails (e.g., manipulated Subject/...

5CVSS6.7AI score0.0111EPSS
CVE
CVE
added 2016/02/18 10:0 p.m.48 views

CVE-2015-8150

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 is affected by CVE-2015-8150, a local-privilege-elevation flaw. According to the sources, a local attacker can gain root access by modifying a batch file that normally runs with root privileges. The issue is part of multiple vulnerabi...

7.8CVSS8.1AI score0.00285EPSS
CVE
CVE
added 2013/07/31 10:0 a.m.43 views

CVE-2013-4674

CVE-2013-4674 is an XSS vulnerability in Symantec Encryption Management Server (formerly PGP Universal Server), specifically in the Web Email Protection component. The issue affects versions before 3.3.0 MP2 where remote authenticated users could inject arbitrary web script or HTML via a crafted ...

4.3CVSS5.3AI score0.00886EPSS