Lucene search

[email protected]NVD:CVE-2014-1652

HistoryJun 18, 2014 - 7:55 p.m.

CVE-2014-1652

2014-06-1819:55:04

CWE-79

[email protected]

web.nvd.nist.gov

2.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

7.7 High

AI Score

Confidence

Low

0.26 Low

EPSS

Percentile

96.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified report parameters.

Affected configurations

NVD

Node

symantecweb_gatewayRange≤5.1.1

symantecweb_gatewayMatch5.1

References

www.kb.cert.org/vuls/id/719172

www.securityfocus.com/bid/67755

www.securitytracker.com/id/1030443

www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit%20y_advisory&pvid=security_advisory&year=&suid=20140616_00

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00

2.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

7.7 High

AI Score

Confidence

Low

0.26 Low

EPSS

Percentile

96.8%

JSON

Related for NVD:CVE-2014-1652

cvelist1 cve1 checkpoint_advisories1 prion1 openvas1 cert1 symantec1 nessus1