CVE-2015-8799 in Symantec and Broadcom Products
Published on June 8, 2016

Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors.

NVD

Products Associated with CVE-2015-8799

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-8799 are published in these products:

Symantec Data Center Security Server

Symantec Data Center Security Serverand Agents

Symantec Embedded Security Critical System Protection

Broadcom Symantec Critical System Protection

Symantec Embedded Security Critical System Protection Controllers Devices

Broadcom Symantec Data Center Security Server

Broadcom Symantec Data Center Security Server Agents

Broadcom Symantec Embedded Security Critical System Protection

Broadcom Symantec Embedded Security Critical System Protection Controllers Devices

Exploit Probability

EPSS

1.63%

Percentile

81.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-8799 in Symantec and Broadcom ProductsPublished on June 8, 2016

Products Associated with CVE-2015-8799

Exploit Probability

CVE-2015-8799 in Symantec and Broadcom Products
Published on June 8, 2016