Workspace Streaming
Monthly
The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows. Rated medium severity (CVSS 6.9). No vendor patch available.
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS. Rated high severity (CVSS 7.9). Public exploit code available and EPSS exploitation probability 40.2%.
The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows. Rated medium severity (CVSS 6.9). No vendor patch available.
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS. Rated high severity (CVSS 7.9). Public exploit code available and EPSS exploitation probability 40.2%.