Lucene search

[email protected]CVE-2015-5693

HistorySep 20, 2015 - 8:59 p.m.

CVE-2015-5693

2015-09-2020:59:08

CWE-94

[email protected]

web.nvd.nist.gov

symantec

web gateway

swg

vulnerability

management console

cve-2015-5693

nvd

security issue

7.9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to “traffic capture.”

Affected configurations

NVD

Node

symantecweb_gatewayRange≤5.2.2

CPENameOperatorVersion
symantec:web_gatewaysymantec web gatewayle5.2.2

CPE	Name	Operator	Version
symantec:web_gateway	symantec web gateway	le	5.2.2

References

www.securityfocus.com/bid/76731

www.securitytracker.com/id/1033625

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

www.zerodayinitiative.com/advisories/ZDI-15-444/

7.9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for CVE-2015-5693

cvelist1 prion1 nvd1 zdi1 symantec1 nessus1