Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3580

Overview

Vulnerability Score 7.7 7.7
CVE Id CVE-2012-3580
Last Modified 10 Oct 2013 04:49:37
Published 29 Aug 2012 06:56:40
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-3580

Summary

Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.

Vulnerable Systems

Application

  • Symantec Messaging Gateway 9.5

  • Symantec Messaging Gateway 9.5.1

  • Symantec Messaging Gateway 9.5.2

  • Symantec Messaging Gateway 9.5.3

  • Symantec Messaging Gateway 9.5.4


References

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00

BID - 55141

XF - symantec-gateway-interface-sec-bypass(78032)


Last Updated: 27 May 2016 11:00:24