CVE-2016-2205
MEDIUMSymantec Workspace Streaming - Path Traversal
Title source: ruleDescription
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read unspecified application files via unknown vectors.
References (4)
Scores
CVSS v3
5.7
EPSS
0.0040
EPSS Percentile
60.0%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-22
Status
draft
Affected Products (6)
symantec/workspace_streaming
symantec/workspace_streaming
symantec/workspace_streaming
symantec/workspace_virtualization
symantec/workspace_virtualization
symantec/workspace_virtualization
Timeline
Published
Jul 12, 2016
Tracked Since
Feb 18, 2026