CPE Details
Symantec Messaging Gateway 10.6.6
10.6.6
2019-06-19
20h52 +00:00
20h52 +00:00
2019-06-19
20h52 +00:00
20h52 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:symantec:messaging_gateway:10.6.6:*:*:*:*:*:*:*
Informations
Vendor
symantecProduct
messaging_gatewayVersion
10.6.6Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column). | 5.4 |
Medium |
||
| An authenticated user can embed malicious content with XSS into the admin group policy page. | 5.4 |
Medium |
||
| Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. | 7.3 |
High |
||
| Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | 4.8 |
Medium |
||
| Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 7.2 |
High |
||
| Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | 4.5 |
Medium |
2025©
tesweb SA
