Vulnerability Details : CVE-2012-3580
Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
Exploit prediction scoring system (EPSS) score for CVE-2012-3580
Probability of exploitation activity in the next 30 days: 0.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 45 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-3580
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.7
|
HIGH | AV:A/AC:L/Au:S/C:C/I:C/A:C |
5.1
|
10.0
|
NIST |
References for CVE-2012-3580
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/78032
Symantec Messaging Gateway management interface security bypass CVE-2012-3580 Vulnerability Report
-
http://www.securityfocus.com/bid/55141
Symantec Messaging Gateway CVE-2012-3580 Security Bypass Vulnerability
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00
Symantec Messaging Gateway Security IssuesVendor Advisory
Products affected by CVE-2012-3580
- cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:messaging_gateway:9.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:messaging_gateway:9.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:messaging_gateway:9.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:messaging_gateway:9.5:*:*:*:*:*:*:*