|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-12-25 | |
| Rule Name: | EXPLOIT Symantec Web Gateway Management Console Remote Shell Command Execution Vulnerability (CVE-2012-0297) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Network Device | |
| Reference: | SecurityFocusBID:53444 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00 |
|
| Solutions |
|---|
| Upgrade to version 5.0.3 to solve the problem. |