CVE-2003-0106

3 documents3 sources

Severity

7.5HIGH

EPSS

0.7%

top 26.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Enterprise Firewall

Timeline

PublishedApr 2

Latest updateApr 29

Description

The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsymantec/enterprise_firewall7.0

Patches

Patch: service1.symantec.com ↗Patch: service1.symantec.com ↗

🔴Vulnerability Details

GHSA

GHSA-3vmv-j634-9wxq: The HTTP proxy for Symantec Enterprise Firewall (SEF) 7↗2022-04-29

▶

CVEList

CVE-2003-0106: The HTTP proxy for Symantec Enterprise Firewall (SEF) 7↗2003-03-27

▶