First published: Wed Jun 08 2016(Updated: )
Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allow remote authenticated users to conduct argument-injection attacks by leveraging certain named-pipe access.
Credit: secure@symantec.com
Affected Software | Affected Version | How to fix |
---|---|---|
Broadcom Symantec Critical System Protection | =5.2.9 | |
Broadcom Symantec Data Center Security | =6.5.0 | |
Broadcom Symantec Data Center Security | =6.6.0 | |
Broadcom Symantec Data Center Security | =6.6.0 | |
Broadcom Symantec Critical System Protection | =1.0 | |
Broadcom Symantec Embedded Security Critical System Protection | =6.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-8800 has a critical severity rating due to its potential impact on system security.
To remediate CVE-2015-8800, you should upgrade to the appropriate patched versions listed by Broadcom Symantec.
CVE-2015-8800 affects versions of Symantec Critical System Protection prior to 5.2.9 MP6 and Embedded Security CSP prior to version 6.5.0 MP1.
CVE-2015-8800 is a critical security vulnerability that can lead to unauthorized access or system compromise.
There is currently no public information indicating that CVE-2015-8800 is being actively exploited, but it is advisable to apply the patch to prevent potential attacks.