Symantec Messaging Gateway 10.7.0

CPE Details

Symantec Messaging Gateway 10.7.0
symantec
messaging_gateway
10.7.0
2019-06-19
20h52 +00:00
2019-06-19
20h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:symantec:messaging_gateway:10.7.0:*:*:*:*:*:*:*

Informations

Vendor

symantec

Product

messaging_gateway

Version

10.7.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-25629 2022-12-08 23h00 +00:00 An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).
5.4
Medium
CVE-2022-25630 2022-12-08 23h00 +00:00 An authenticated user can embed malicious content with XSS into the admin group policy page.
5.4
Medium
CVE-2019-18379 2019-12-11 14h49 +00:00 Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface.
7.3
High
CVE-2019-18378 2019-12-11 14h49 +00:00 Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
4.8
Medium
CVE-2019-18377 2019-12-11 14h49 +00:00 Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
7.2
High