CVE-2016-2205

CWE-22Path Traversal3 documents3 sources
Severity
5.7MEDIUM
EPSS
0.4%
top 39.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Symantec Workspace StreamingSymantec Workspace Virtualization
Timeline
PublishedJul 12
Latest updateMay 17

Description

Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read unspecified application files via unknown vectors.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages2 packages

NVDsymantec/workspace_streaming7.5.0, 7.6.0+1

🔴Vulnerability Details

2
GHSA
GHSA-hmhg-25gg-p99m: Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 72022-05-17
CVEList
CVE-2016-2205: Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 72016-07-12
CVE-2016-2205 (MEDIUM CVSS 5.7) | Directory traversal vulnerability i | cvebase.io