The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths in the system identifier to access files that should not normally be accessible.
Max CVSS: 8.8, EPSS Score: 0.10%, Published: 2018-09-19, Updated: 2018-12-08
The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
Max CVSS: 8.0, EPSS Score: 0.05%, Published: 2018-07-25, Updated: 2019-10-03
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
Max CVSS: 8.8, EPSS Score: 0.24%, Published: 2018-06-20, Updated: 2019-10-03
The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software.
Max CVSS: 8.3, EPSS Score: 0.51%, Published: 2018-04-30, Updated: 2019-10-03
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross-site request forgery (also known as a one-click attack and abbreviated CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser.
Max CVSS: 8.8, EPSS Score: 0.16%, Published: 2017-08-11, Updated: 2017-08-24

CVE-2017-6327 (Known exploited)
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.
Max CVSS: 8.8, EPSS Score: 37.99%, Published: 2017-08-11, Updated: 2019-10-03, CISA KEV Added: 2021-11-03
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server-side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
Max CVSS: 8.0, EPSS Score: 0.05%, Published: 2018-04-16, Updated: 2018-05-23
The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forgery (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user.
Max CVSS: 8.8, EPSS Score: 0.15%, Published: 2017-05-11, Updated: 2018-05-25
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Max CVSS: 8.0, EPSS Score: 0.39%, Published: 2016-06-30, Updated: 2017-09-03
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
Max CVSS: 8.0, EPSS Score: 0.21%, Published: 2016-06-30, Updated: 2017-09-01
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.
Max CVSS: 8.8, EPSS Score: 0.24%, Published: 2016-06-30, Updated: 2017-09-01
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization window.
Max CVSS: 8.8, EPSS Score: 0.23%, Published: 2016-06-30, Updated: 2017-09-01
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input.
Max CVSS: 8.2, EPSS Score: 0.04%, Published: 2016-04-22, Updated: 2016-12-03
SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Max CVSS: 8.8, EPSS Score: 0.13%, Published: 2016-03-18, Updated: 2016-12-03
Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script.
Max CVSS: 8.5, EPSS Score: 0.19%, Published: 2016-03-18, Updated: 2016-12-03
Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port.
Max CVSS: 8.5, EPSS Score: 0.31%, Published: 2015-11-12, Updated: 2016-12-07
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors.
Max CVSS: 8.3, EPSS Score: 0.32%, Published: 2015-09-20, Updated: 2016-12-22
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect."
Max CVSS: 8.5, EPSS Score: 0.82%, Published: 2015-09-20, Updated: 2016-12-22
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.
Max CVSS: 8.5, EPSS Score: 0.04%, Published: 2015-08-01, Updated: 2017-09-21

CVE-2015-1489 (Public exploit)
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.
Max CVSS: 8.5, EPSS Score: 40.57%, Published: 2015-08-01, Updated: 2017-09-21
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
Max CVSS: 8.3, EPSS Score: 2.55%, Published: 2013-08-01, Updated: 2014-01-17
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.
Max CVSS: 8.5, EPSS Score: 1.90%, Published: 2011-02-02, Updated: 2018-10-10
The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, which allows remote attackers to "crash the control" via unspecified vectors related to content on a web site, and place Internet Explorer into a "defunct state" in which remote attackers can execute arbitrary code in addition to other Symantec ActiveX controls, regardless of whether they are marked safe for scripting. NOTE: this CVE was inadvertently used for an E-mail Auto-Protect issue, but that issue has been assigned CVE-2007-3771.
Max CVSS: 8.5, EPSS Score: 0.48%, Published: 2007-05-11, Updated: 2017-07-20
23 vulnerabilities found