NVD

Id
35971  
Name
CVE-2014-9225  
Description
The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to obtain sensitive server information via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2015-01-21  
Modified Date
2017-01-02  
Seq
2014-9225  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
184008 35971 CVE-2014-9225 http://packetstormsecurity.com/files/130060/Symantec-SDCS-SA-SCSP-XSS-Bypass-SQL-Injection-Disclosure.html  View
184009 35971 CVE-2014-9225 20150122 SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP  View
184010 35971 CVE-2014-9225 20150122 SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP  View
184011 35971 CVE-2014-9225 72094  View
184012 35971 CVE-2014-9225 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150119_00  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
18876 JVNDB-2014-007751 Symantec Critical System Protection および Symantec Data Center Security: Server Advanced の管理サーバにおける重要なサーバ情報を取得される脆弱性 Symantec Critical System Protection (SCSP) および Symantec Data Center Security: Server Advanced (SDCS:SA) の管理サーバの ajaxswing webui には、重要なサーバ情報を取得される脆弱性が存在します。 CVE-2014-9225 76518 CVE-2014-9225 35971 4 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007751.html 2014-12-03 2015-01-23 View