CVE-2017-15527

Summary

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs.

Affected Software

VendorProductVersion RangeStatus
Symantec CorporationSymantec Management ConsolePrior to ITMS 8.1 RU4affected

Weaknesses

  • Directory Traversal

ADP Enrichment

CVE Program Container

Additional References

References