Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management console vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9224
Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x up to and including 6.0 MP1...
Broadcom Symantec Critical System Protection 5.2.9
Symantec Data Center Security 6.0.0
1 EDB exploit
1 Article
NA
CVE-2014-7285
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
Symantec Web Gateway
1 EDB exploit
2 Github repositories
NA
CVE-2014-3437
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote malicious users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, rel...
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager
1 EDB exploit
NA
CVE-2014-3433
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x prior to 4.5 allows remote malicious users to inject arbitrary web script or HTML via an unspecified form field, related to an "HTML script injection" issue.
Symantec Data Insight 4.0
Symantec Data Insight 3.0.1
Symantec Data Insight 3.0
NA
CVE-2014-3432
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x prior to 4.5 allows remote malicious users to inject arbitrary web script or HTML via an unspecified form field.
Symantec Data Insight 3.0
Symantec Data Insight 4.0
Symantec Data Insight 3.0.1
NA
CVE-2014-1651
SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) prior to 5.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
Symantec Web Gateway 5.1
NA
CVE-2014-1650
SQL injection vulnerability in user.php in the management console in Symantec Web Gateway (SWG) prior to 5.2.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
NA
CVE-2014-1652
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) prior to 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified report parameters.
Symantec Web Gateway
Symantec Web Gateway 5.1
NA
CVE-2014-1648
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x prior to 10.5.2 allows remote malicious users to inject arbitrary web script or HTML via the displayTab parameter.
Symantec Messaging Gateway 10.5.1
Symantec Messaging Gateway 10.5.0
Symantec Messaging Gateway 10.0.1
Symantec Messaging Gateway 10.0.2
Symantec Messaging Gateway 10.0.3
Symantec Messaging Gateway 10.0
NA
CVE-2013-5014
The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 prior to 11.0.7405.1424 and 12.1 prior to 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x prior to 12.1.4023.4080, allows remote malicious users to read arbitrary files via XML d...
Symantec Protection Center 12.0
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 11.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »