Security Information Manager Security Vulnerabilities and Issues — Security Information Manager CVE List

Lucene search

SymantecSecurity Information Manager

4 matches found

CVE•added 2006/06/19 10:2 a.m.•45 views

CVE-2006-3072

M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation.

4.6CVSS7.7AI score0.00077EPSS

CVE•added 2013/07/08 5:55 p.m.•41 views

CVE-2013-1613

SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

4.7CVSS8.2AI score0.00516EPSS

CVE•added 2013/07/08 5:55 p.m.•41 views

CVE-2013-1615

The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls.

2.9CVSS6.4AI score0.00114EPSS

CVE•added 2013/07/08 5:55 p.m.•32 views

CVE-2013-1614

Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.9AI score0.00349EPSS