4 matches found
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2021-30642
Symantec Security Analytics web UI contains an OS command injection flaw (CVE-2021-30642) in versions 7.2 before 7.2.7, 8.1 before 8.1.3-NSR3, 8.2 before 8.2.1-NSR2 or 8.2.2. An unauthenticated remote attacker can trigger arbitrary OS commands with elevated privileges via the web UI input validat...
OS Command Injection in Security Analytics
Summary The Symantec Security Analytics web UI is susceptible to an OS command injection vulnerability. A remote unauthenticated attacker, who has access to the Security Analytics web UI, can execute arbitrary OS commands on the target with elevated privileges. Affected Products The following...