CVE-2008-4389
Symantec Workspace Streaming - Authentication Bypass
Title source: ruleDescription
Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.
References (6)
Scores
EPSS
0.0057
EPSS Percentile
68.3%
Classification
CWE
CWE-287
Status
draft
Affected Products (8)
symantec/workspace_streaming
symantec/workspace_streaming
symantec/workspace_streaming
symantec/workspace_streaming
symantec/appstream
symantec/appstream
symantec/appstream
symantec/appstream
Timeline
Published
Jun 17, 2010
Tracked Since
Feb 18, 2026