CVE-2014-1643
UnknownEPSS 0.75%
Last modified
CVE-2014-1643 is a vulnerability of currently unknown severity. The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.. EPSS estimates a 0.75% chance of exploitation in the next 30 days.
Description
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Encryption Management Server | <= 3.3.1 |
| Symantec | Encryption Management Server | 3.3.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-1643?
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
How severe is CVE-2014-1643?
Severity scoring for CVE-2014-1643 is pending analysis. The EPSS model estimates a 0.75% probability of exploitation in the next 30 days.
How do I fix CVE-2014-1643?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2014-1643?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST