Lucene search

[email protected]NVD:CVE-2015-5693

HistorySep 20, 2015 - 8:59 p.m.

CVE-2015-5693

2015-09-2020:59:08

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

7.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.007

Percentile

80.2%

JSON

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to “traffic capture.”

Affected configurations

Nvd

Node

symantecweb_gatewayRange≤5.2.2

VendorProductVersionCPE
symantecweb_gateway*cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	web_gateway	*	cpe:2.3:a:symantec:web_gateway::::::::

References

www.securityfocus.com/bid/76731

www.securitytracker.com/id/1033625

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

www.zerodayinitiative.com/advisories/ZDI-15-444/

CVSS2

7.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.007

Percentile

80.2%

JSON

Related for NVD:CVE-2015-5693

prion1 cve1 cvelist1 zdi1 symantec1 nessus1