Published: 08/06/2016 Updated: 09/09/2021

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Subscribe to Symantec Critical System Protection

SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x prior to 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) prior to 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x prior to 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) up to and including 6.6 MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
broadcom symantec critical system protection
broadcom symantec data center security server 6.5.0
broadcom symantec data center security server 6.6.0
broadcom symantec data center security server and agents
broadcom symantec embedded security critical system protection
broadcom symantec embedded security critical system protection for controllers and devices

CWE-89 http://www.securityfocus.com/bid/90889 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160607_00 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-8157

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect