CVE-2012-3580
high
CVSS v3
—
CVSS v2
7.7
VIR risk
7.7
Description
Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| symantec | messaging_gateway | {"endIncluding":"9.5.4"} | |
| symantec | messaging_gateway | 9.5 | |
| symantec | messaging_gateway | 9.5.1 | |
| symantec | messaging_gateway | 9.5.2 | |
| symantec | messaging_gateway | 9.5.3 | |
References
- http://www.securityfocus.com/bid/55141
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78032
- http://www.securityfocus.com/bid/55141
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78032
Verify integrity in audit chain (admin only). AS-IS.