7.8

CVE-2016-2203

Exploit
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SymantecMessaging Gateway Version10.6.0 Updatepatch3
SymantecMessaging Gateway Version10.6.0 Updatepatch5
SymantecMessaging Gateway Version10.6.0 Updatepatch7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.06% 0.934
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://packetstormsecurity.com/files/136758/Symantec-Brightmail-10.6.0-7-LDAP-Credential-Grabber.html
Third Party Advisory
Exploit
VDB Entry
http://www.securityfocus.com/bid/86137
Third Party Advisory
Exploit
VDB Entry
http://www.securitytracker.com/id/1035609
Third Party Advisory
VDB Entry
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160418_00
Vendor Advisory
https://www.exploit-db.com/exploits/39715/
Third Party Advisory
Exploit
VDB Entry