Symantec Encryption Management Server versions prior to 3.2.0 MP6 suffers from a remote command injection vulnerability.