Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0298

CWE-2644 documents4 sources
Severity
6.4MEDIUM
EPSS
4.4%
top 11.03%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Symantec WEB Gateway
Timeline
PublishedMay 21
Latest updateMay 4

Description

The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

NVDsymantec/web_gateway5.0, 5.0.1, 5.0.2+2

🔴Vulnerability Details

2
GHSA
GHSA-j72c-xffj-qrgx: The file-management scripts in the management GUI in Symantec Web Gateway 52022-05-04
CVEList
CVE-2012-0298: The file-management scripts in the management GUI in Symantec Web Gateway 52012-05-21

💥Exploits & PoCs

1
Exploit-DB
symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities2012-06-27
CVE-2012-0298 (MEDIUM CVSS 6.4) | The file-management scripts in the | cvebase.io