Skip to main content

Encryption Management Server

9 CVEs product

Monthly

CVE-2018-5243 HIGH This Week

The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Encryption Management Server
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2015-8151 CRITICAL Act Now

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Encryption Management Server
NVD
CVSS 3.0
9.1
EPSS
1.6%
CVE-2015-8150 HIGH This Week

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Encryption Management Server
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2015-8149 HIGH This Week

The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Encryption Management Server
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2015-8148 HIGH This Week

The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Encryption Management Server
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2014-7288 CRITICAL POC PATCH THREAT Act Now

Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.2%.

Privilege Escalation Encryption Management Server Pgp Universal Server
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
11.2%
CVE-2014-7287 MEDIUM PATCH This Month

The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Encryption Management Server Pgp Universal Server
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-1643 MEDIUM This Month

The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Encryption Management Server
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2013-4674 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Web Email Protection component in Symantec Encryption Management Server (formerly Symantec PGP Universal Server) before 3.3.0 MP2 allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Encryption Management Server Pgp Universal Server
NVD
CVSS 2.0
4.3
EPSS
0.4%
EPSS 2% CVSS 7.5
HIGH This Week

The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Encryption Management Server
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Encryption Management Server
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Encryption Management Server
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Encryption Management Server
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Encryption Management Server
NVD
EPSS 11% CVSS 9.0
CRITICAL POC PATCH THREAT Act Now

Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.2%.

Privilege Escalation Encryption Management Server Pgp Universal Server
NVD Exploit-DB
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Encryption Management Server Pgp Universal Server
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Encryption Management Server
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Web Email Protection component in Symantec Encryption Management Server (formerly Symantec PGP Universal Server) before 3.3.0 MP2 allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Encryption Management Server Pgp Universal Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy