Lucene search

K

[email protected]NVD:CVE-2014-1652

HistoryJun 18, 2014 - 7:55 p.m.

CVE-2014-1652

2014-06-1819:55:04

CWE-79

[email protected]

web.nvd.nist.gov

2

CVSS2

2.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

AI Score

7.7

Confidence

Low

EPSS

0.26

Percentile

96.7%

Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified report parameters.

Affected configurations

Nvd

Node

symantecweb_gatewayRange≤5.1.1

OR

symantecweb_gatewayMatch5.1

VendorProductVersionCPE
symantecweb_gateway*cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:*
symantecweb_gateway5.1cpe:2.3:a:symantec:web_gateway:5.1:*:*:*:*:*:*:*

References

www.kb.cert.org/vuls/id/719172

www.securityfocus.com/bid/67755

www.securitytracker.com/id/1030443

www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit%20y_advisory&pvid=security_advisory&year=&suid=20140616_00

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00

CVSS2

2.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

AI Score

7.7

Confidence

Low

EPSS

0.26

Percentile

96.7%

Related for NVD:CVE-2014-1652

checkpoint_advisories1 prion1 cve1 cvelist1 cert1 openvas1 nessus1 symantec1