Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management console vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2016-10258
Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and execu...
Broadcom Advanced Secure Gateway
Broadcom Symantec Proxysg
1 EDB exploit
6
CVSSv2
CVE-2015-1491
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Endpoint Protection Manager 12.1.0
6
CVSSv2
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
5.8
CVSSv2
CVE-2017-10293
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Succ...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Netapp Cloud Backup -
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Virtual Storage Console
Netapp E-series Santricity Storage Manager -
Netapp Oncommand Unified Manager -
Netapp Active Iq Unified Manager
Netapp Vasa Provider For Clustered Data Ontap
Netapp E-series Santricity Management Plug-ins -
Netapp Oncommand Shift -
5.8
CVSSv2
CVE-2016-9099
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 before 6.7.2.1, ProxySG 6.5 before 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 before 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to re...
Broadcom Advanced Secure Gateway
Broadcom Symantec Proxysg
Broadcom Advanced Secure Gateway 6.6
Broadcom Symantec Proxysg 6.6
5.8
CVSSv2
CVE-2015-8151
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access.
Symantec Encryption Management Server
5.8
CVSSv2
CVE-2015-6548
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
5.8
CVSSv2
CVE-2014-1651
SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) prior to 5.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
Symantec Web Gateway 5.1
5.8
CVSSv2
CVE-2013-4673
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 does not properly implement RADIUS authentication, which allows remote malicious users to execute arbitrary code by leveraging access to the login prompt.
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
5.8
CVSSv2
CVE-2012-0294
Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 prior to 12.1 RU1-MP1 allows remote malicious users to delete files via unspecified vectors.
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 12.1.671
Symantec Endpoint Protection 12.1.1000
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »