Lucene search
HistoryJul 23, 2012 - 5:55 p.m.
CVE-2012-2977
symantec
web gateway
cve-2012-2977
remote attack
password change
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.6%
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script.
Affected configurations
Node
symantecweb_gatewayMatch5.0
ORsymantecweb_gatewayMatch5.0.1
ORsymantecweb_gatewayMatch5.0.2
ORsymantecweb_gatewayMatch5.0.3
Related
packetstorm
packetstorm
Symantec Web Gateway 5.0.3.18 Password Change
2012-08-22 00:00:00
Symantec Web Gateway 5.0.3.18 Password Change
2012-08-22 00:00:00
openvas
openvas
Symantec Web Gateway Password Change Security Bypass Vulnerability
2012-08-22 00:00:00
Symantec Web Gateway Multiple Vulnerabilities
2012-07-24 00:00:00
prion
prion
Code injection
2012-07-23 17:55:00
cvelist
cvelist
CVE-2012-2977
2012-07-23 17:00:00
nvd
nvd
CVE-2012-2977
2012-07-23 17:55:03
cert
cert
Symantec Web Gateway contains multiple vulnerabilities
2012-07-24 00:00:00
symantec
symantec
Symantec Web Gateway Security Issues
2012-07-20 08:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.6%
Related for CVE-2012-2977