Messaging Gateway@9.5.3 Security Vulnerabilities and Issues — Messaging Gateway@9.5.3 CVE List

Lucene search

SymantecMessaging Gateway9.5.3

6 matches found

CVE•added 2012/08/29 10:56 a.m.•57 views

CVE-2012-0308

Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators.

6.8CVSS7AI score0.00224EPSS

CVE•added 2012/08/29 10:56 a.m.•51 views

CVE-2012-3579

Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.

7.9CVSS6.6AI score0.36373EPSS

CVE•added 2012/12/05 11:57 a.m.•40 views

CVE-2012-4347

Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter i...

5CVSS6.5AI score0.69707EPSS

CVE•added 2012/08/29 10:56 a.m.•39 views

CVE-2012-3580

Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.

7.7CVSS6.4AI score0.00897EPSS

CVE•added 2012/08/29 10:56 a.m.•38 views

CVE-2012-0307

Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content.

4.3CVSS5.8AI score0.00609EPSS

CVE•added 2012/08/29 10:56 a.m.•31 views

CVE-2012-3581

Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors.

3.3CVSS6.3AI score0.00153EPSS