Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-15384

Malware in sbrugna...

8CVSS7.9AI score0.00521EPSS
Exploits0References3
Prion
Prion
added 2018/04/16 7:29 p.m.21 views

Server side request forgery (ssrf)

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6, and ITMS 7.6POSTHF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service,...

5.2CVSS7.7AI score0.00521EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/04/16 7:29 p.m.3 views

CVE-2017-6323

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6, and ITMS 7.6POSTHF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service,...

8CVSS5.8AI score0.00521EPSS
Exploits0References2
CNVD
CNVD
added 2018/03/01 12:0 a.m.1 views

Multiple Cross-Site Scripting Vulnerabilities in Symantec Management Console

Symantec Management Console is Symantec's web-based user interface for managing Symantec Management Platform and other installed solutions. Symantec Management Console has multiple cross-site scripting vulnerabilities that stem from the program failing to properly validate user input. An attacker...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.46 views

Symantec Management Console File Name Handling Path Traversal Remote Access (SYM17-013)

The version of Symantec Manager Console running on the remote host is earlier than ITM 8.1 RU4 and is therefore affected by a directory traversal vulnerability in the Management Console that allows unauthorized access to the file system. C Tenable Network Security, Inc. include"compat.inc"; if...

6.8CVSS7AI score0.01095EPSS
Exploits0References3
CNVD
CNVD
added 2017/11/21 12:0 a.m.5 views

Symantec Management Console Directory Traversal Vulnerability

Symantec Management Console is a set of management console programs from Symantec Corporation USA. The program is used to manage the web-based user interface for Symantec Management Platform and other Symantec solutions. A directory traversal vulnerability exists in Symantec Management Console IT...

6.8CVSS6.9AI score0.01095EPSS
Exploits0References1
OSV
OSV
added 2017/11/20 7:29 p.m.5 views

CVE-2017-15527

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...

6.8CVSS5.8AI score0.01095EPSS
Exploits0References2
Prion
Prion
added 2017/11/20 7:29 p.m.21 views

Directory traversal

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...

5.2CVSS6.6AI score0.01095EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/11/20 7:29 p.m.27 views

CVE-2017-15527

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...

6.8CVSS6.6AI score0.01095EPSS
Exploits0References2
Symantec
Symantec
added 2017/11/20 8:0 a.m.41 views

Symantec Management Console Directory Traversal

SUMMARY Symantec has released an update to address an issue in the Symantec Management Console product. AFFECTED PRODUCTS Symantec Management Console --- CVE | Affected Versions | Remediation CVE-2017-15527 | Prior to ITMS 8.1 RU4, ITMS 8.0 POST HF6 & ITMS 7.6 POST HF7 | Upgrade to ITMS 8.1 RU4,...

10CVSS0.7AI score0.72759EPSS
Exploits5Affected Software1
CNVD
CNVD
added 2017/06/29 12:0 a.m.3 views

Multiple XML External Entity Injection Vulnerabilities in Symantec Management Console

Symantec Management Console is a management tool console. Multiple XML external entity injection vulnerabilities exist in Symantec Management Console. An attacker could exploit the vulnerabilities to obtain potentially sensitive information or cause a denial of service condition. This could lead ...

8CVSS7.2AI score0.00521EPSS
Exploits0References1
Symantec
Symantec
added 2017/06/28 8:0 a.m.32 views

Symantec Management Console XSS/XXE Issues

SUMMARY Symantec has released an update to address two issues that were discovered in the Symantec Management Console. AFFECTED PRODUCTS Symantec Management Console --- CVE | Affected Versions | Remediation CVE-2017-6322 CVE-2017-6323 | Prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6 & ITMS 7.6POSTHF7 |...

5.2CVSS0.00521EPSS
Exploits0Affected Software1
Rows per page
Query Builder