Lucene search
HistoryFeb 11, 2014 - 2:55 a.m.
CVE-2013-5013
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.71
Percentile
98.1%
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote attackers to inject arbitrary web script or HTML via (1) vectors involving PHP scripts and (2) unspecified other vectors.
Affected configurations
Node
symantecweb_gatewayRange≤5.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | web_gateway | * | cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-5013
2014-02-11 02:00:00
prion
prion
Cross site scripting
2014-02-11 02:55:00
checkpoint_advisories
checkpoint_advisories
Symantec Web Gateway blacklist.php Cross Site Scripting (CVE-2013-5013)
2014-03-16 00:00:00
cve
cve
CVE-2013-5013
2014-02-11 02:55:08
symantec
symantec
Symantec Web Gateway Security Management Console Multiple Security Issues
2014-02-10 08:00:00
nessus
nessus
Symantec Web Gateway <= 5.1.1 Multiple Vulnerabilities (SYM14-003)
2014-02-13 00:00:00
Symantec Web Gateway < 5.2 Multiple Vulnerabilities (SYM14-003)
2015-05-13 00:00:00
openvas
openvas
Symantec Web Gateway Cross-Site Scripting and SQL Injection Vulnerabilities
2014-03-10 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.71
Percentile
98.1%
Related for NVD:CVE-2013-5013