Vulnerability Details : CVE-2016-2203
Public exploit exists!
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
Exploit prediction scoring system (EPSS) score for CVE-2016-2203
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 40 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2016-2203
-
Symantec Messaging Gateway 10 Exposure of Stored AD Password Vulnerability
Disclosure Date: 2015-12-17First seen: 2020-04-26auxiliary/scanner/http/symantec_brightmail_ldapcredsThis module will grab the AD account saved in Symantec Messaging Gateway and then decipher it using the disclosed Symantec PBE key. Note that authentication is required in order to successfully grab the LDAP credentials, and you need at least a read account. Version
CVSS scores for CVE-2016-2203
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-2203
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-2203
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160418_00
Symantec Messaging Gateway Multiple Security IssuesVendor Advisory
-
http://www.securityfocus.com/bid/86137
Symantec Messaging Gateway CVE-2016-2203 Local Password Disclosure VulnerabilityExploit;Third Party Advisory;VDB Entry
-
https://www.exploit-db.com/exploits/39715/
Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure (Metasploit)Exploit;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/136758/Symantec-Brightmail-10.6.0-7-LDAP-Credential-Grabber.html
Symantec Brightmail 10.6.0-7 LDAP Credential Grabber ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1035609
Symantec Messaging Gateway Flaws Let Local Users Obtain and Decrypt Passwords and Execute Arbitrary Shell Commands on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
Products affected by CVE-2016-2203
- cpe:2.3:a:symantec:messaging_gateway:10.6.0:patch3:*:*:*:*:*:*
- cpe:2.3:a:symantec:messaging_gateway:10.6.0:patch5:*:*:*:*:*:*
- cpe:2.3:a:symantec:messaging_gateway:10.6.0:patch7:*:*:*:*:*:*