12 matches found
EUVD-2017-15384
Malware in sbrugna...
Server side request forgery (ssrf)
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6, and ITMS 7.6POSTHF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service,...
CVE-2017-6323
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6, and ITMS 7.6POSTHF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service,...
Multiple Cross-Site Scripting Vulnerabilities in Symantec Management Console
Symantec Management Console is Symantec's web-based user interface for managing Symantec Management Platform and other installed solutions. Symantec Management Console has multiple cross-site scripting vulnerabilities that stem from the program failing to properly validate user input. An attacker...
Symantec Management Console File Name Handling Path Traversal Remote Access (SYM17-013)
The version of Symantec Manager Console running on the remote host is earlier than ITM 8.1 RU4 and is therefore affected by a directory traversal vulnerability in the Management Console that allows unauthorized access to the file system. C Tenable Network Security, Inc. include"compat.inc"; if...
Symantec Management Console Directory Traversal Vulnerability
Symantec Management Console is a set of management console programs from Symantec Corporation USA. The program is used to manage the web-based user interface for Symantec Management Platform and other Symantec solutions. A directory traversal vulnerability exists in Symantec Management Console IT...
CVE-2017-15527
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...
Directory traversal
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...
CVE-2017-15527
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...
Symantec Management Console Directory Traversal
SUMMARY Symantec has released an update to address an issue in the Symantec Management Console product. AFFECTED PRODUCTS Symantec Management Console --- CVE | Affected Versions | Remediation CVE-2017-15527 | Prior to ITMS 8.1 RU4, ITMS 8.0 POST HF6 & ITMS 7.6 POST HF7 | Upgrade to ITMS 8.1 RU4,...
Multiple XML External Entity Injection Vulnerabilities in Symantec Management Console
Symantec Management Console is a management tool console. Multiple XML external entity injection vulnerabilities exist in Symantec Management Console. An attacker could exploit the vulnerabilities to obtain potentially sensitive information or cause a denial of service condition. This could lead ...
Symantec Management Console XSS/XXE Issues
SUMMARY Symantec has released an update to address two issues that were discovered in the Symantec Management Console. AFFECTED PRODUCTS Symantec Management Console --- CVE | Affected Versions | Remediation CVE-2017-6322 CVE-2017-6323 | Prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6 & ITMS 7.6POSTHF7 |...