An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4.
[
{
"product": "Symantec Messaging Gateway (SMG)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "SMG prior to 10.7.4"
}
]
}
]