Vulnerabilities > Symantec > Workspace Streaming > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-07-12 CVE-2016-2206 Permissions, Privileges, and Access Controls vulnerability in Symantec Workspace Streaming and Workspace Virtualization
The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read arbitrary files by modifying the file-download configuration file.
low complexity
symantec CWE-264
5.7
2016-07-12 CVE-2016-2205 Path Traversal vulnerability in Symantec Workspace Streaming and Workspace Virtualization
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read unspecified application files via unknown vectors.
low complexity
symantec CWE-22
5.7