Lucene search

[email protected]NVD:CVE-2013-4673

HistoryAug 01, 2013 - 1:32 p.m.

CVE-2013-4673

2013-08-0113:32:21

CWE-20

[email protected]

web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.034 Low

EPSS

Percentile

91.5%

JSON

The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 does not properly implement RADIUS authentication, which allows remote attackers to execute arbitrary code by leveraging access to the login prompt.

Affected configurations

NVD

Node

symantecweb_gatewayRange≤5.1

symantecweb_gatewayMatch5.0

symantecweb_gatewayMatch5.0.1

symantecweb_gatewayMatch5.0.2

symantecweb_gatewayMatch5.0.3

symantecweb_gatewayMatch5.0.3.18

AND

symantecweb_gateway_appliance_8450Match-

symantecweb_gateway_appliance_8490Match-

References

osvdb.org/95702

www.securityfocus.com/bid/61105

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130725_00

exchange.xforce.ibmcloud.com/vulnerabilities/85990

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.034 Low

EPSS

Percentile

91.5%

JSON

Related for NVD:CVE-2013-4673

prion1 cvelist1 cve1 nessus1 symantec1