Vulnerability Details CVE-2013-1615
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.0%
CVSS Severity
CVSS v2 Score 2.9
References
- http://www.securityfocus.com/bid/60798
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00
- http://www.securityfocus.com/bid/60798
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00
Products affected by CVE-2013-1615
-
cpe:2.3:a:symantec:security_information_manager:4.7.0
-
cpe:2.3:a:symantec:security_information_manager:4.7.1
-
cpe:2.3:a:symantec:security_information_manager:4.7.2
-
cpe:2.3:a:symantec:security_information_manager:4.7.3
-
cpe:2.3:a:symantec:security_information_manager:4.7.4
-
cpe:2.3:a:symantec:security_information_manager:4.8.0
-
cpe:2.3:h:symantec:security_information_manager_appliance:-