CyberSec.Space Logo
Back to CVE Browser

CVE-2012-2976

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0710%
EPSS Percentile20.30th
PublishedJul 23, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.

Affected Platforms (CPE)

πŸ“¦
Symantec

Web Gateway

= 5.0
πŸ“¦
Symantec

Web Gateway

= 5.0.1
πŸ“¦
Symantec

Web Gateway

= 5.0.2
πŸ“¦
Symantec

Web Gateway

= 5.0.3

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/108471
πŸ”— http://www.securityfocus.com/bid/54427
πŸ”— http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00
πŸ”— http://www.kb.cert.org/vuls/id/108471
πŸ”— http://www.securityfocus.com/bid/54427
πŸ”— http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00

Related Vulnerabilities

CVE-2018-1246410.0

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows a...

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...

CVE-2010-473310.0

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom N...