Lucene search

SymantecCVELIST:CVE-2013-1617

HistoryJul 31, 2013 - 3:00 p.m.

CVE-2013-1617

2013-07-3115:00:00

symantec

www.cve.org

AI Score

7.9

Confidence

Low

EPSS

0.003

Percentile

71.8%

JSON

Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.

References

packetstormsecurity.com/files/122556/Symantec-Web-Gateway-XSS-CSRF-SQL-Injection-Command-Injection.html

www.securityfocus.com/bid/61101

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130725_00

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130726-0_Symantec_Web_Gateway_Multiple_Vulnerabilities_v10.txt