Lucene search

SymantecCVE-2015-5693

HistorySep 20, 2015 - 8:59 p.m.

CVE-2015-5693

2015-09-2020:59:08

CWE-94

symantec

web.nvd.nist.gov

symantec

web gateway

swg

vulnerability

management console

cve-2015-5693

nvd

security issue

CVSS2

7.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.007

Percentile

80.2%

JSON

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to “traffic capture.”

Affected configurations

Nvd

Node

symantecweb_gatewayRange≤5.2.2

VendorProductVersionCPE
symantecweb_gateway*cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	web_gateway	*	cpe:2.3:a:symantec:web_gateway::::::::

References

www.securityfocus.com/bid/76731

www.securitytracker.com/id/1033625

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

www.zerodayinitiative.com/advisories/ZDI-15-444/

CVSS2

7.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.007

Percentile

80.2%

JSON

Related for CVE-2015-5693