Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management console vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4673
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 does not properly implement RADIUS authentication, which allows remote malicious users to execute arbitrary code by leveraging access to the login prompt.
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
NA
CVE-2013-1614
Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vector...
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
NA
CVE-2013-1613
SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
NA
CVE-2013-1615
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allows remote malicious users to obtain sensitive information via unspecified web-GUI API calls.
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
NA
CVE-2013-1612
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x prior to 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote malicious users to execute arbitrary code via unspecified vect...
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Center 12.0.1
Symantec Endpoint Protection Center 12.0.0
1 EDB exploit
NA
CVE-2013-1611
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Brightmail Gateway 9.5
Symantec Brightmail Gateway 9.5.1
NA
CVE-2013-1608
Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote malicious users to read arbitrary files via unspecified vectors.
Symantec Netbackup Appliance 2.0.0
NA
CVE-2012-4348
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x prior to 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execu...
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.4
Symantec Endpoint Protection 11.0.3001
Symantec Endpoint Protection 11.0.2
Symantec Endpoint Protection 11.0.7100
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 11.0.1
Symantec Endpoint Protection 11.0.7000
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 12.1.1000
Symantec Endpoint Protection 12.1.671
Symantec Endpoint Protection 12.0
NA
CVE-2012-4347
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSe...
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 9.5.4
Symantec Messaging Gateway 9.5.1
1 EDB exploit
NA
CVE-2012-2976
The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »