10
CVE-2012-0297
- EPSS 72.6%
- Veröffentlicht 21.05.2012 20:55:17
- Zuletzt bearbeitet 16.06.2026 23:37:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Symantec ≫ Web Gateway Version5.0
Symantec ≫ Web Gateway Version5.0.1
Symantec ≫ Web Gateway Version5.0.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 72.6% | 0.994 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00
http://www.securityfocus.com/bid/53444
https://exchange.xforce.ibmcloud.com/vulnerabilities/75731