Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSymantecCVELIST:CVE-2017-6323
HistoryJun 28, 2017 - 12:00 a.m.

CVE-2017-6323

2017-06-2800:00:00
symantec
www.cve.org

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.1%

JSON

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

CNA Affected

[
  {
    "product": "ITMS",
    "vendor": "Symantec Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7"
      }
    ]
  }
]

Related

prion 1
cve 1
nvd 1
nessus 1
symantec 1
prion
prion
Server side request forgery (ssrf)
2018-04-16 19:29:00
cve
cve
CVE-2017-6323
2018-04-16 19:29:00
nvd
nvd
CVE-2017-6323
2018-04-16 19:29:00
nessus
nessus
Symantec Management Console Multiple XSS and XXE Vulnerabilities (SYM17-005)
2017-08-04 00:00:00
symantec
symantec
Symantec Management Console XSS/XXE Issues
2017-06-28 08:00:00

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.1%

JSON
Related for CVELIST:CVE-2017-6323
prion1cve1nvd1nessus1symantec1