12 matches found
EUVD-2021-17559
Malware in sbrugna...
EUVD-2018-4219
Malware in sbrugna...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
Input validation
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
OS Command Injection in Security Analytics
Summary The Symantec Security Analytics web UI is susceptible to an OS command injection vulnerability. A remote unauthenticated attacker, who has access to the Security Analytics web UI, can execute arbitrary OS commands on the target with elevated privileges. Affected Products The following...
Symantec Security Analytics Web UI 操作系统命令注入漏洞
Symantec Security Analytics Web UI is an application from Symantec Corporation, USA. Symantec Security Analytics suffers from an operating system command injection vulnerability that results from improper input validation. An unauthenticated, remote attacker could use this vulnerability to send...
Symantec Security Analytics Cross-Site Scripting Vulnerability
Symantec Security Analytics SA is a suite of security analytics solutions from Symantec USA. The product is mainly used for the discovery and organization of network threats, supporting real-time analysis and logging of network threats. A cross-site scripting vulnerability exists in the Web UI in...
Cross site scripting
The Symantec Security Analytics SA 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks ...
CVE-2018-12241
The Symantec Security Analytics SA 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks ...