Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management console vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
NA
CVE-2013-1615
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allows remote malicious users to obtain sensitive information via unspecified web-GUI API calls.
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
NA
CVE-2011-0552
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager prior to 8.4.18 allow remote malicious users to inject arbitrary web script or HTML via the (1) refreshRateSetting parameter to IMManager/Admin/IMAdminSystemDashboard.asp, the (2)...
Symantec Im Manager 8.4.1
Symantec Im Manager 8.4.2
Symantec Im Manager 8.4.12
Symantec Im Manager 8.4.11
Symantec Im Manager 7.0
Symantec Im Manager 8.4.16
Symantec Im Manager 8.4.10
Symantec Im Manager 8.4.0
Symantec Im Manager 6.0
Symantec Im Manager 7.5
Symantec Im Manager 8.4.5
Symantec Im Manager 8.4.6
Symantec Im Manager 8.4.15
Symantec Im Manager 8.4.13
Symantec Im Manager
Symantec Im Manager 8.4.7
Symantec Im Manager 8.4.8
Symantec Im Manager 8.4.9
Symantec Im Manager 8.3
Symantec Im Manager 6.5
NA
CVE-2010-0115
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 prior to 4.5.0.376 allows remote malicious users to execute arbitrary SQL commands via the USERNAME parameter.
Symantec Web Gateway 4.5.0.325
Symantec Web Gateway 4.5.0.326
Symantec Web Gateway 4.5.0.327
Symantec Web Gateway 4.5
NA
CVE-2012-4348
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x prior to 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execu...
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.4
Symantec Endpoint Protection 11.0.3001
Symantec Endpoint Protection 11.0.2
Symantec Endpoint Protection 11.0.7100
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 11.0.1
Symantec Endpoint Protection 11.0.7000
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 12.1.1000
Symantec Endpoint Protection 12.1.671
Symantec Endpoint Protection 12.0
NA
CVE-2013-1613
SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
NA
CVE-2013-5009
The Management Console in Symantec Endpoint Protection (SEP) 11.x prior to 11.0.7.4 and 12.x prior to 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x prior to 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privi...
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 11.0.1
Symantec Endpoint Protection 11.0.2
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.4
Symantec Endpoint Protection 11.0.7000
Symantec Endpoint Protection 11.0.7100
Symantec Endpoint Protection
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.3001
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6300
NA
CVE-2013-1614
Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vector...
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
7.2
CVSSv3
CVE-2016-9097
The Symantec Advanced Secure Gateway (ASG) 6.6 before 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 before 6.6.5.8, and ProxySG 6.7 before 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with r...
Broadcom Advanced Secure Gateway 6.6.5.1
Broadcom Advanced Secure Gateway 6.6.4
Broadcom Advanced Secure Gateway 6.6.4.3
Broadcom Advanced Secure Gateway 6.6.3
Broadcom Advanced Secure Gateway 6.6
Broadcom Symantec Proxysg 6.5.6.1
Broadcom Symantec Proxysg 6.5.2.10
Broadcom Symantec Proxysg 6.5
Broadcom Symantec Proxysg 6.5.9.8
Broadcom Symantec Proxysg 6.5.9.2
Broadcom Symantec Proxysg 6.5.2
Broadcom Symantec Proxysg 6.5.1
Broadcom Symantec Proxysg 6.5.7.6
Broadcom Symantec Proxysg 6.5.9.14
Broadcom Symantec Proxysg 6.5.5.7
Broadcom Symantec Proxysg 6.5.9.10
Broadcom Symantec Proxysg 6.5.4.1
Broadcom Symantec Proxysg 6.6
Broadcom Symantec Proxysg 6.6.2.2
Broadcom Symantec Proxysg 6.6.3
Broadcom Symantec Proxysg 6.6.4.3
Broadcom Symantec Proxysg 6.6.4
NA
CVE-2014-1648
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x prior to 10.5.2 allows remote malicious users to inject arbitrary web script or HTML via the displayTab parameter.
Symantec Messaging Gateway 10.5.1
Symantec Messaging Gateway 10.5.0
Symantec Messaging Gateway 10.0.1
Symantec Messaging Gateway 10.0.2
Symantec Messaging Gateway 10.0.3
Symantec Messaging Gateway 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »