Shodan
Vulnerabilities
Vulnerable Software
Symantec:  >> Web Gateway  Security Vulnerabilities
CVE-2013-4672
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
CVSS Score
7.2
EPSS Score
0.002
Published
2013-08-01
CVE-2013-4673
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 does not properly implement RADIUS authentication, which allows remote attackers to execute arbitrary code by leveraging access to the login prompt.
CVSS Score
5.8
EPSS Score
0.008
Published
2013-08-01
CVE-2012-4178
SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter.
CVSS Score
7.5
EPSS Score
0.007
Published
2012-08-07
CVE-2012-2574
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.
CVSS Score
7.5
EPSS Score
0.011
Published
2012-07-23
CVE-2012-2953
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts.
CVSS Score
10.0
EPSS Score
0.809
Published
2012-07-23
CVE-2012-2957
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue.
CVSS Score
7.2
EPSS Score
0.094
Published
2012-07-23
CVE-2012-2961
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.012
Published
2012-07-23
CVE-2012-2976
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.
CVSS Score
10.0
EPSS Score
0.044
Published
2012-07-23
CVE-2012-2977
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script.
CVSS Score
5.0
EPSS Score
0.082
Published
2012-07-23
CVE-2012-0296
Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.006
Published
2012-05-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved