CVE-2016-2206
MEDIUMSymantec Workspace Streaming - Access Control
Title source: ruleDescription
The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read arbitrary files by modifying the file-download configuration file.
References (4)
Scores
CVSS v3
5.7
EPSS
0.0015
EPSS Percentile
35.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-264
Status
draft
Affected Products (6)
symantec/workspace_streaming
symantec/workspace_streaming
symantec/workspace_streaming
symantec/workspace_virtualization
symantec/workspace_virtualization
symantec/workspace_virtualization
Timeline
Published
Jul 12, 2016
Tracked Since
Feb 18, 2026