CVE-2014-1649
Symantec Workspace Streaming <7.5.0.749 - SSRF
Title source: llmDescription
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotemultiple
https://www.exploit-db.com/exploits/33521
metasploit
WORKING POC
EXCELLENT
rubypocjava
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/antivirus/symantec_workspace_streaming_exec.rb
References (4)
Scores
EPSS
0.4016
EPSS Percentile
97.4%
Details
CWE
CWE-264
Status
published
Products (2)
symantec/workspace_streaming
6.1 (5 CPE variants)
symantec/workspace_streaming
< 7.5.0
Published
May 16, 2014
Tracked Since
Feb 18, 2026