Lucene search
K
BroadcomSymantec Messaging Gateway

6 matches found

CVE
CVE
added 2014/04/07 12:0 a.m.4349 views

CVE-2014-0160

CVE-2014-0160 (Heartbleed) is an information-disclosure vulnerability in OpenSSL’s TLS/DTLS heartbeat implementation. Affected: OpenSSL 1.0.1 before 1.0.1g. Root cause: improper handling of the Heartbeat extension (d1_both.c, t1_lib.c) leading to a buffer over-read, enabling an attacker to read m...

7.5CVSS7.5AI score0.99999EPSS
In wild
CVE
CVE
added 2020/12/10 5:21 a.m.76 views

CVE-2020-12594

CVE-2020-12594 affects Symantec Messaging Gateway (SMG) appliances prior to version 10.7.4. The issue is a privilege-escalation vulnerability: an authenticated, privileged CLI user can elevate privileges to gain full control over the SMG system. Affected component/condition: CLI access within SMG...

9CVSS7.3AI score0.01492EPSS
CVE
CVE
added 2022/06/24 3:0 p.m.76 views

CVE-2021-30651

CVE-2021-30651 relates to Broadcom Symantec Messaging Gateway (SMG). An authenticated SMG administrator can obtain passwords for external LDAP/Active Directory servers, representing an information disclosure vulnerability. The NVD entry records network access with authenticated, low complexity co...

4.9CVSS5AI score0.00694EPSS
CVE
CVE
added 2020/12/10 5:21 a.m.68 views

CVE-2020-12595

CVE-2020-12595 concerns Symantec Messaging Gateway (SMG). The vulnerability is an information disclosure in which a malicious, authenticated, privileged web UI user can obtain the password for a remote SCP backup server they would not normally access. Affects SMG before version 10.7.4. Connected ...

4.9CVSS5.4AI score0.00856EPSS
CVE
CVE
added 2024/01/25 11:32 p.m.48 views

CVE-2024-23614

CVE-2024-23614 describes a buffer overflow in Symantec Messaging Gateway (SMG) 9.5 and earlier . The vulnerability allows a remote, anonymous attacker to achieve remote code execution as root . Public sources consistently identify the affected software and generic impact; there are no concrete ex...

10CVSS9.8AI score0.01609EPSS
CVE
CVE
added 2024/01/25 11:32 p.m.47 views

CVE-2024-23615

Symantec Messaging Gateway CVE-2024-23615 is a buffer overflow affecting versions 10.5 and earlier. A remote, anonymous attacker can trigger remote code execution as root. Public descriptions reiterate the same impact; no exploits or detailed vectors are provided in the supplied documents. PT-202...

10CVSS9.8AI score0.01881EPSS