CVE-2015-1484
3 documents3 sources
Severity
6.9MEDIUM
EPSS
0.1%
top 79.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 22
Latest updateMay 17
Description
Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.
CVSS vector
AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0