CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9696

Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/107692
https://support.symantec.com/en_US/article.SYMSA1477.html
http://www.securityfocus.com/bid/107692
https://support.symantec.com/en_US/article.SYMSA1477.html

Products affected by CVE-2019-9696

Symantec » Vip Enterprise Gateway » Version: 9.7

cpe:2.3:a:symantec:vip_enterprise_gateway:9.7
Symantec » Vip Enterprise Gateway » Version: 9.8

cpe:2.3:a:symantec:vip_enterprise_gateway:9.8
Symantec » Vip Enterprise Gateway » Version: 9.8.2

cpe:2.3:a:symantec:vip_enterprise_gateway:9.8.2
Symantec » Vip Enterprise Gateway » Version: 9.8.3

cpe:2.3:a:symantec:vip_enterprise_gateway:9.8.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9696

Products

Pricing

Contact Us