Lucene search
K
SymantecSecurity Information Manager

4 matches found

CVE
CVE
added 2006/06/19 10:0 a.m.61 views

CVE-2006-3072

CVE-2006-3072 affects Symantec Security Information Manager prior to 4.0.2.29 HOTFIX 1, where the M4 Macro Library processes crafted rule definitions that produce dangerous Java code during M4 transformation, enabling local users to execute arbitrary commands. The vulnerability is local in scope ...

4.6CVSS7.7AI score0.00471EPSS
CVE
CVE
added 2013/07/08 5:0 p.m.52 views

CVE-2013-1615

The CVE affects Symantec SSIM Appliance’s management/Java console (versions 4.7.x and 4.8.x prior to 4.8.1). It allows remote attackers to obtain sensitive information via unspecified web-GUI API calls, resulting in an information disclosure vulnerability. Remediation cited in sources is upgradin...

2.9CVSS6.4AI score0.0076EPSS
CVE
CVE
added 2013/07/08 5:0 p.m.51 views

CVE-2013-1613

CVE-2013-1613 is a SQL injection vulnerability in the Symantec Security Information Manager (SSIM) appliance Java/management console. Affected versions are SSIM 4.7.x and 4.8.x before 4.8.1. The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Sym...

4.7CVSS8.2AI score0.01461EPSS
CVE
CVE
added 2013/07/08 5:0 p.m.43 views

CVE-2013-1614

The CVE-2013-1614 vulnerability affects Symantec Security Information Manager (SSIM) Appliance management console (Java Console) on versions 4.7.x and 4.8.x prior to 4.8.1. The issue is multiple cross-site scripting (XSS) vulnerabilities that could allow remote attackers to inject arbitrary scrip...

4.3CVSS5.9AI score0.01514EPSS