CVE-2012-3580

2012-08-2910:56:40

[email protected]

web.nvd.nist.gov

symantec

messaging gateway

smg

cve-2012-3580

web application

authenticated users

management interface

nvd

6.4 Medium

AI Score

Confidence

Low

7.7 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

47.2%

JSON

Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.

Affected configurations

NVD

Node

symantecmessaging_gatewayRange≤9.5.4

symantecmessaging_gatewayMatch9.5

symantecmessaging_gatewayMatch9.5.1

symantecmessaging_gatewayMatch9.5.2

symantecmessaging_gatewayMatch9.5.3

CPENameOperatorVersion
symantec:messaging_gatewaysymantec messaging gatewayle9.5.4
symantec:messaging_gatewaysymantec messaging gatewayeq9.5
symantec:messaging_gatewaysymantec messaging gatewayeq9.5.1
symantec:messaging_gatewaysymantec messaging gatewayeq9.5.2
symantec:messaging_gatewaysymantec messaging gatewayeq9.5.3

CPE	Name	Operator	Version
symantec:messaging_gateway	symantec messaging gateway	le	9.5.4
symantec:messaging_gateway	symantec messaging gateway	eq	9.5
symantec:messaging_gateway	symantec messaging gateway	eq	9.5.1
symantec:messaging_gateway	symantec messaging gateway	eq	9.5.2
symantec:messaging_gateway	symantec messaging gateway	eq	9.5.3