Lucene search

[email protected]CVE-2012-0303

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-0303

2022-10-0316:15:41

CWE-352

[email protected]

web.nvd.nist.gov

cve-2012-0303

cross-site request forgery

csrf

brightmail control center

symantec message filter

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

45.7%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) execute application commands or (2) create admin accounts.

Affected configurations

NVD

Node

symantecmessage_filterRange≤6.3

CPENameOperatorVersion
symantec:message_filtersymantec message filterle6.3

CPE	Name	Operator	Version
symantec:message_filter	symantec message filter	le	6.3

References

www.securityfocus.com/bid/54133

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120626_00

Social References

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

45.7%

JSON

Related for CVE-2012-0303

prion1 cvelist1 nvd1 openvas2 nessus1 symantec1