CVE-2014-1649

Published: May 16, 2014Modified: May 6, 2026

7.9

Vector

AV:A/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 5.5 / Impact: 10.0

Source: NVD

Description

The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.

Affected (6)

Products: Symantec: Workspace Streaming

1 product

Workspace Streaming

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Symantec Workspace Streaming	Up to 7.5.0
Symantec Workspace Streaming	Version 6.1
Symantec Workspace Streaming	Version 6.1 sp1
Symantec Workspace Streaming	Version 6.1 sp2
Symantec Workspace Streaming	Version 6.1 sp3
Symantec Workspace Streaming	Version 6.1 sp4

Related CWEs

References (8)

http://www.exploit-db.com/exploits/33521

Source: secure@symantec.com

http://www.securityfocus.com/bid/67189

Source: secure@symantec.com

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140512_00

Source: secure@symantec.com

Vendor Advisory

http://zerodayinitiative.com/advisories/ZDI-14-127/

Source: secure@symantec.com

http://www.exploit-db.com/exploits/33521

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/67189

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140512_00

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://zerodayinitiative.com/advisories/ZDI-14-127/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.