Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9224


Vulnerability Score 3.5 3.5
CVE Id CVE-2014-9224
Last Modified 22 Jan 2015 10:20:13
Published 21 Jan 2015 10:17:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE



Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems


  • Symantec Critical System Protection 5.2.9

  • Symantec Data Center Security 6.0.0



BID - 72093

Last Updated: 27 May 2016 11:07:36