3 matches found
CVE-2013-1615
The CVE affects Symantec SSIM Appliance’s management/Java console (versions 4.7.x and 4.8.x prior to 4.8.1). It allows remote attackers to obtain sensitive information via unspecified web-GUI API calls, resulting in an information disclosure vulnerability. Remediation cited in sources is upgradin...
CVE-2013-1613
CVE-2013-1613 is a SQL injection vulnerability in the Symantec Security Information Manager (SSIM) appliance Java/management console. Affected versions are SSIM 4.7.x and 4.8.x before 4.8.1. The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Sym...
CVE-2013-1614
The CVE-2013-1614 vulnerability affects Symantec Security Information Manager (SSIM) Appliance management console (Java Console) on versions 4.7.x and 4.8.x prior to 4.8.1. The issue is multiple cross-site scripting (XSS) vulnerabilities that could allow remote attackers to inject arbitrary scrip...