CVE-2012-0297
published 2012-05-21CVE-2012-0297: The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to…
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| symantec | web_gateway | — | — |
| symantec | web_gateway | — | — |
| symantec | web_gateway | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vulncheck10.0CRITICAL