CVE-2016-2206
Severity Score
5.7
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read arbitrary files by modifying the file-download configuration file.
La consola de administraciĆ³n en Symantec Workspace Streaming (SWS) 7.5.x en versiones anteriores a 7.5 SP1 HF9 y 7.6.0 en versiones anteriores a 7.6 HF5 y Symantec Workspace Virtualization (SWV) 7.5.x en versiones anteriores a 7.5 SP1 HF9 y 7.6.0 en versiones anteriores a 7.6 HF5 permite a usuarios remotos autenticados leer archivos arbitrarios modificando el archivo de configuraciĆ³n de la descarga de archivos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-02-02 CVE Reserved
- 2016-07-12 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/89394 | Vdb Entry | |
| http://www.securitytracker.com/id/1036262 | Vdb Entry | |
| http://www.securitytracker.com/id/1036263 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Symantec Search vendor "Symantec" | Workspace Streaming Search vendor "Symantec" for product "Workspace Streaming" | 7.5.0 Search vendor "Symantec" for product "Workspace Streaming" and version "7.5.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Workspace Streaming Search vendor "Symantec" for product "Workspace Streaming" | 7.5.0 Search vendor "Symantec" for product "Workspace Streaming" and version "7.5.0" | sp1 |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Workspace Streaming Search vendor "Symantec" for product "Workspace Streaming" | 7.6.0 Search vendor "Symantec" for product "Workspace Streaming" and version "7.6.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Workspace Virtualization Search vendor "Symantec" for product "Workspace Virtualization" | 7.5.0 Search vendor "Symantec" for product "Workspace Virtualization" and version "7.5.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Workspace Virtualization Search vendor "Symantec" for product "Workspace Virtualization" | 7.5.0 Search vendor "Symantec" for product "Workspace Virtualization" and version "7.5.0" | sp1 |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Workspace Virtualization Search vendor "Symantec" for product "Workspace Virtualization" | 7.6.0 Search vendor "Symantec" for product "Workspace Virtualization" and version "7.6.0" | - |
Affected
| ||||||