CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5243
https://notcve.org/view.php?id=CVE-2018-5243
The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. El producto Symantec Encryption Management Server (SEMS) en versiones anteriores a la versión 3.4.2 MP1, puede ser susceptible a una denegación de servicio (DoS). Un ataque DoS es un tipo de ataque en el que el infractor intenta hacer que un dispositivo o recurso de red en concreto se vuelva inutilizable para sus usuarios originales mediante la interrupción temporal o indefinida de un host específico en una red. • http://www.securityfocus.com/bid/105062 http://www.securitytracker.com/id/1041527 https://support.symantec.com/en_US/article.SYMSA1458.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8148
https://notcve.org/view.php?id=CVE-2015-8148
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. El servicio LDAP en Symantec Encryption Management Server (SEMS) 3.3.2 en versiones anteriores a MP12 permite a atacantes remotos obtener información sensible acerca de cuentas de administrador a través de una petición modificada. • http://www.securityfocus.com/bid/83271 http://www.securitytracker.com/id/1035063 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160218_00 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8151
https://notcve.org/view.php?id=CVE-2015-8151
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. Symantec Encryption Management Server (SEMS) 3.3.2 en versiones anteriores a MP12 permite a usuarios remotos autenticados ejecutar comandos del SO arbitrarios mediante el aprovechamiento del acceso de administrador a la consola. • http://www.securityfocus.com/bid/83268 http://www.securitytracker.com/id/1035063 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160218_00 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8150
https://notcve.org/view.php?id=CVE-2015-8150
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. Symantec Encryption Management Server (SEMS) 3.3.2 en versiones anteriores a MP12 permite a usuarios locales obtener acceso root mediante la modificación de un archivo batch. • http://www.securityfocus.com/bid/83269 http://www.securitytracker.com/id/1035063 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160218_00 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8149
https://notcve.org/view.php?id=CVE-2015-8149
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. El servicio LDAP en Symantec Encryption Management Server (SEMS) 3.3.2 en versiones anteriores a MP12 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria dinámica e interrupción de servicio) a través de peticiones manipuladas. • http://www.securityfocus.com/bid/83270 http://www.securitytracker.com/id/1035063 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160218_00 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •