Broadcom Symantec Critical System Protection — known CVE vulnerabilities
Every CVE whose affected-product data names Broadcom Symantec Critical System Protection, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2019-18374 — CVSS 9.8 (critical): Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability…
CVE-2014-3440 — CVSS 9.0 (critical): The Agent Control Interface in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data…
CVE-2015-8157 — CVSS 8.8 (high): SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0…
CVE-2015-8798 — CVSS 8.0 (high): Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before…
CVE-2013-5016 — CVSS 7.6 (high): Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote…
CVE-2015-8799 — CVSS 7.6 (high): Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before…
CVE-2015-8800 — CVSS 7.3 (high): Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for…
CVE-2014-9226 — CVSS 7.2 (high): The management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced…
CVE-2014-7289 — CVSS 6.5 (medium): SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data…
CVE-2014-9225 — CVSS 4.0 (medium): The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center…
CVE-2014-9224 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec…