PT-2015-4164 · Symantec · Symantec Data Center Security: Server Advanced+1

Published

2015-01-21

Updated

2021-08-04

CVE-2014-9225

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Symantec Critical System Protection (SCSP) versions 5.2.9 through 5.2.9 MP6 Symantec Data Center Security: Server Advanced (SDCS:SA) versions 6.0.x through 6.0 MP1

Description The issue allows remote authenticated users to obtain sensitive server information.

Recommendations For Symantec Critical System Protection (SCSP) versions 5.2.9 through 5.2.9 MP6, update to a version outside of the affected range. For Symantec Data Center Security: Server Advanced (SDCS:SA) versions 6.0.x through 6.0 MP1, update to a version outside of the affected range.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2014-9225

Affected Products

Symantec Critical System Protection

Symantec Data Center Security: Server Advanced

PT-2015-4164 · Symantec · Symantec Data Center Security: Server Advanced+1

CVE-2014-9225

Weakness Enumeration

Related Identifiers

Affected Products

References · 7