Lucene search
HistoryJul 23, 2012 - 5:55 p.m.
CVE-2012-2976
cve-2012-2976
symantec
web gateway
remote code execution
injection issue
security vulnerability
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
57.9%
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an “injection” issue.
Affected configurations
Node
symantecweb_gatewayMatch5.0
ORsymantecweb_gatewayMatch5.0.1
ORsymantecweb_gatewayMatch5.0.2
ORsymantecweb_gatewayMatch5.0.3
Related
nvd
nvd
CVE-2012-2976
2012-07-23 17:55:03
prion
prion
Design/Logic Flaw
2012-07-23 17:55:00
cvelist
cvelist
CVE-2012-2976
2012-07-23 17:00:00
dsquare
dsquare
Symantec Web Gateway 5.0.3 RCE
2013-02-08 00:00:00
nessus
nessus
Symantec Web Gateway Multiple Script Shell Command Execution (SYM12-011)
2012-08-06 00:00:00
openvas
openvas
Symantec Web Gateway Multiple Vulnerabilities
2012-07-24 00:00:00
cert
cert
Symantec Web Gateway contains multiple vulnerabilities
2012-07-24 00:00:00
symantec
symantec
Symantec Web Gateway Security Issues
2012-07-20 08:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
57.9%
Related for CVE-2012-2976