Lucene search

[email protected]NVD:CVE-2014-1651

HistoryJun 18, 2014 - 7:55 p.m.

CVE-2014-1651

2014-06-1819:55:04

CWE-89

[email protected]

web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

9.9 High

AI Score

Confidence

High

0.043 Low

EPSS

Percentile

92.4%

JSON

SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) before 5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

symantecweb_gatewayRange≤5.1.1

symantecweb_gatewayMatch5.1

References

www.kb.cert.org/vuls/id/719172

www.securityfocus.com/bid/67754

www.securitytracker.com/id/1030443

www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit%20y_advisory&pvid=security_advisory&year=&suid=20140616_00

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

9.9 High

AI Score

Confidence

High

0.043 Low

EPSS

Percentile

92.4%

JSON

Related for NVD:CVE-2014-1651

checkpoint_advisories1 cve1 cvelist1 prion1 openvas1 cert1 symantec1 nessus1