CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-0297

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1380%
EPSS Percentile1.88th
Published2012年5月21日
Last Modified2026年4月29日

Vulnerability Description

The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.

Affected Platforms (CPE)

📦
Symantec

Web Gateway

= 5.0
📦
Symantec

Web Gateway

= 5.0.1
📦
Symantec

Web Gateway

= 5.0.2

References & Advisories

🔗 http://www.securityfocus.com/bid/53444
🔗 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/75731
🔗 http://www.securityfocus.com/bid/53444
🔗 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/75731

相关漏洞威胁

CVE-2018-1246410.0

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows a...

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...

CVE-2010-473310.0

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom N...