PT-2016-5067 · Symantec · Symantec Workspace Streaming+1
Published
2016-07-12
·
Updated
2017-09-01
·
CVE-2016-2206
CVSS v3.1
5.7
Medium
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Symantec Workspace Streaming (SWS) versions 7.5.x through 7.5 SP1 HF8
Symantec Workspace Streaming (SWS) version 7.6.0
Symantec Workspace Virtualization (SWV) versions 7.5.x through 7.5 SP1 HF8
Symantec Workspace Virtualization (SWV) version 7.6.0
Description
The management console in the affected software allows remote authenticated users to read arbitrary files by modifying the file-download configuration file.
Recommendations
For Symantec Workspace Streaming (SWS) versions 7.5.x through 7.5 SP1 HF8, update to 7.5 SP1 HF9 or later.
For Symantec Workspace Streaming (SWS) version 7.6.0, update to 7.6 HF5 or later.
For Symantec Workspace Virtualization (SWV) versions 7.5.x through 7.5 SP1 HF8, update to 7.5 SP1 HF9 or later.
For Symantec Workspace Virtualization (SWV) version 7.6.0, update to 7.6 HF5 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Symantec Workspace Streaming
Symantec Workspace Virtualization