CVE Vulnerabilities

CVE-2008-4389

Improper Authentication

Published: Jun 17, 2010 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.

Weakness

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Workspace_streaming Symantec 6.1 6.1
Workspace_streaming Symantec 6.1 6.1
Workspace_streaming Symantec 6.1 6.1
Workspace_streaming Symantec 6.1 6.1

Potential Mitigations

References