Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management console vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-9099
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 before 6.7.2.1, ProxySG 6.5 before 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 before 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to re...
Broadcom Advanced Secure Gateway
Broadcom Symantec Proxysg
Broadcom Advanced Secure Gateway 6.6
Broadcom Symantec Proxysg 6.6
5.7
CVSSv3
CVE-2016-2206
The management console in Symantec Workspace Streaming (SWS) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 allows remote authenticated users to read arbitrary files by modify...
Symantec Workspace Streaming 7.5.0
Symantec Workspace Virtualization 7.6.0
Symantec Workspace Virtualization 7.5.0
Symantec Workspace Streaming 7.6.0
5.7
CVSSv3
CVE-2016-2205
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior t...
Symantec Workspace Virtualization 7.5.0
Symantec Workspace Streaming 7.5.0
Symantec Workspace Virtualization 7.6.0
Symantec Workspace Streaming 7.6.0
5.4
CVSSv3
CVE-2016-6588
A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0.
Symantec It Management Suite 8.0
5.3
CVSSv3
CVE-2022-25626
An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4
5.3
CVSSv3
CVE-2017-10349
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Satellite 5.8
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Eus 7.6
4.8
CVSSv3
CVE-2017-13678
Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application.
Broadcom Advanced Secure Gateway
Broadcom Symantec Proxysg
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
NA
CVE-2015-6547
The management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors.
Symantec Web Gateway
NA
CVE-2015-6548
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »