Symantec has released an update to address an issue that was discovered in the Symantec Messaging Gateway (SMG) product.
Symantec Messaging Gateway (SMG)
CVE
|
Affected Version(s)
|
Remediation
CVE-2019-12751
|
Prior to 10.7.1
|
Upgrade to 10.7.1
CVE-2019-12751
Severity/CVSSv3:
|
Medium / 6.4 AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
References:
Impact:
|
Security Focus: BID 108925 / NVD: CVE-2019-12751
Privilege Escalation
Description:
|
Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
The mentioned issue was validated by the product team engineers. A Symantec Messaging Gateway update, version 10.7.1, has been released which addresses the aforementioned issue. The latest releases and patches for Symantec Messaging Gateway are available to customers through normal support channels. At this time, Symantec is not aware of any exploitations or adverse customer impact from these issues.
Symantec recommends the following measures to reduce risk of attack:
CPE | Name | Operator | Version |
---|---|---|---|
symantec messaging gateway (smg) | eq | 1 |