CVE-2014-1643

Published: Feb 7, 2014Modified: Apr 29, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.

Affected (4)

Products: Symantec: Encryption Management Server

1 product

Encryption Management Server

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Symantec Encryption Management Server	Up to 3.3.1
Symantec Encryption Management Server	Version 3.3.0
Symantec Encryption Management Server	Version 3.3.0 mp1
Symantec Encryption Management Server	Version 3.3.0 mp2

Related CWEs

References (8)

http://www.securityfocus.com/bid/65300

Source: secure@symantec.com

http://www.securitytracker.com/id/1029729

Source: secure@symantec.com

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140205_00

Source: secure@symantec.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/90946

Source: secure@symantec.com

http://www.securityfocus.com/bid/65300

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1029729

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140205_00

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/90946

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.