CVE-2012-0297 : The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts,

The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.

Published 2012-05-21 20:55:18

Updated 2017-12-05 02:29:02

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2012-0297

Probability of exploitation activity in the next 30 days: 97.35%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2012-0297

Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability

Disclosure Date: 2012-05-17

First seen: 2020-04-26

exploit/linux/http/symantec_web_gateway_lfi

This module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code in the access log, it is possible to load it with a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note tha

More information
Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection

Disclosure Date: 2012-05-17

First seen: 2020-04-26

exploit/linux/http/symantec_web_gateway_exec

This module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec() function. This module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication. Au

More information

CVSS scores for CVE-2012-0297

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2012-0297

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-0297

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00

Symantec Web Gateway Multiple Security Issues
Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/75731

Symantec Web Gateway file include CVE-2012-0297 Vulnerability Report
http://www.securityfocus.com/bid/53444

Symantec Web Gateway Remote Shell Command Execution Vulnerability

Products affected by CVE-2012-0297

Symantec » Web Gateway » Version: 5.0
cpe:2.3:a:symantec:web_gateway:5.0:*:*:*:*:*:*:*
Matching versions
Symantec » Web Gateway » Version: 5.0.1
cpe:2.3:a:symantec:web_gateway:5.0.1:*:*:*:*:*:*:*
Matching versions
Symantec » Web Gateway » Version: 5.0.2
cpe:2.3:a:symantec:web_gateway:5.0.2:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-0297