Lucene search

[email protected]NVD:CVE-2015-6548

HistorySep 20, 2015 - 8:59 p.m.

CVE-2015-6548

2015-09-2020:59:10

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:M/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.002

Percentile

53.3%

JSON

Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

Nvd

Node

symantecweb_gatewayRange≤5.2.2

VendorProductVersionCPE
symantecweb_gateway*cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	web_gateway	*	cpe:2.3:a:symantec:web_gateway::::::::

References

www.securityfocus.com/bid/76729

www.securitytracker.com/id/1033625

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:M/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.002

Percentile

53.3%

JSON

Related for NVD:CVE-2015-6548

cvelist1 prion1 cve1 symantec1 nessus1