PT-2015-4165 · Symantec · Symantec Data Center Security: Server Advanced+1

Published

2015-01-21

Updated

2021-08-04

CVE-2014-9226

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Symantec Critical System Protection versions 5.2.9 through MP6 Symantec Data Center Security: Server Advanced versions 6.0.x through 6.0 MP1

Description The issue allows local users to bypass intended Protection Policies via unspecified vectors in the management server of the affected software.

Recommendations For Symantec Critical System Protection versions 5.2.9 through MP6, update to a version outside of this range to resolve the issue. For Symantec Data Center Security: Server Advanced versions 6.0.x through 6.0 MP1, update to a version outside of this range to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-9226

Affected Products

Symantec Critical System Protection

Symantec Data Center Security: Server Advanced

PT-2015-4165 · Symantec · Symantec Data Center Security: Server Advanced+1

CVE-2014-9226

Weakness Enumeration

Related Identifiers

Affected Products

References · 7