Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-0522
HistoryFeb 02, 2006 - 11:02 a.m.

CVE-2006-0522

2006-02-0211:02:00
[email protected]
web.nvd.nist.gov
5

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.005

Percentile

77.2%

JSON

SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server (SMS) version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL.

Affected configurations

Nvd
Node
symantecsygate_management_serverRange4.1_mr_2_build_1417_english
OR
symantecsygate_management_serverMatch3.5_mr_3_build_894_english
OR
symantecsygate_management_serverMatch4.0_mr_1_build_1104_english
OR
symantecsygate_management_serverMatch4.1_ga_build_1258_japanese
OR
symantecsygate_management_serverMatch4.1_mr1_build_1351_chinese
VendorProductVersionCPE
symantecsygate_management_server*cpe:2.3:a:symantec:sygate_management_server:*:*:*:*:*:*:*:*
symantecsygate_management_server3.5_mr_3_build_894_englishcpe:2.3:a:symantec:sygate_management_server:3.5_mr_3_build_894_english:*:*:*:*:*:*:*
symantecsygate_management_server4.0_mr_1_build_1104_englishcpe:2.3:a:symantec:sygate_management_server:4.0_mr_1_build_1104_english:*:*:*:*:*:*:*
symantecsygate_management_server4.1_ga_build_1258_japanesecpe:2.3:a:symantec:sygate_management_server:4.1_ga_build_1258_japanese:*:*:*:*:*:*:*
symantecsygate_management_server4.1_mr1_build_1351_chinesecpe:2.3:a:symantec:sygate_management_server:4.1_mr1_build_1351_chinese:*:*:*:*:*:*:*

Related

prion 1
cvelist 1
cve 1
symantec 1
checkpoint_advisories 1
exploitdb 1
prion
prion
Sql injection
2006-02-02 11:02:00
cvelist
cvelist
CVE-2006-0522
2006-02-02 11:00:00
cve
cve
CVE-2006-0522
2006-02-02 11:02:00
symantec
symantec
Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection
2006-02-01 08:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Symantec Sygate Management Server SQL Injection Vulnerability
2006-07-05 00:00:00
exploitdb
exploitdb
Symantec Sygate Management Server - 'LOGIN' SQL Injection (Metasploit)
2006-04-15 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.005

Percentile

77.2%

JSON
Related for NVD:CVE-2006-0522
prion1cvelist1cve1symantec1checkpoint_advisories1exploitdb1