CVE-2012-0301

CWE-287 — Improper Authentication3 documents3 sources

Severity

5.4MEDIUM

EPSS

1.2%

top 21.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Message Filter

Timeline

PublishedJul 5

Latest updateMay 4

Description

Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors.

CVSS vector

AV:A/AC:M/C:P/I:P/A:PExploitability: 5.5 | Impact: 6.4

Affected Packages1 packages

▶NVDsymantec/message_filter6.3

🔴Vulnerability Details

GHSA

GHSA-9698-9w5g-vr43: Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6↗2022-05-04

▶

CVEList

CVE-2012-0301: Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6↗2012-07-05

▶