Arbitrary User Email Access Vulnerability in Symantec Encryption Management Server

Arbitrary User Email Access Vulnerability in Symantec Encryption Management Server

CVE-2014-1643 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.

Learn more about our Web App Pen Testing.