Lucene search
HistoryJul 23, 2012 - 5:55 p.m.
CVE-2012-2976
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
57.8%
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an “injection” issue.
Affected configurations
Node
symantecweb_gatewayMatch5.0
ORsymantecweb_gatewayMatch5.0.1
ORsymantecweb_gatewayMatch5.0.2
ORsymantecweb_gatewayMatch5.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | web_gateway | 5.0 | cpe:2.3:a:symantec:web_gateway:5.0:*:*:*:*:*:*:* |
| symantec | web_gateway | 5.0.1 | cpe:2.3:a:symantec:web_gateway:5.0.1:*:*:*:*:*:*:* |
| symantec | web_gateway | 5.0.2 | cpe:2.3:a:symantec:web_gateway:5.0.2:*:*:*:*:*:*:* |
| symantec | web_gateway | 5.0.3 | cpe:2.3:a:symantec:web_gateway:5.0.3:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2012-2976
2012-07-23 17:55:03
prion
prion
Design/Logic Flaw
2012-07-23 17:55:00
cvelist
cvelist
CVE-2012-2976
2012-07-23 17:00:00
dsquare
dsquare
Symantec Web Gateway 5.0.3 RCE
2013-02-08 00:00:00
nessus
nessus
Symantec Web Gateway Multiple Script Shell Command Execution (SYM12-011)
2012-08-06 00:00:00
openvas
openvas
Symantec Web Gateway Multiple Vulnerabilities
2012-07-24 00:00:00
symantec
symantec
Symantec Web Gateway Security Issues
2012-07-20 08:00:00
cert
cert
Symantec Web Gateway contains multiple vulnerabilities
2012-07-24 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
57.8%
Related for NVD:CVE-2012-2976