Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-3579Messaging Gateway vulnerability

CWE-2644 documents4 sources
Severity
7.9HIGHNVD
EPSS
36.4%
top 2.88%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Symantec Messaging Gateway
Timeline
PublishedAug 29
Latest updateMay 17

Description

Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.

CVSS vector

AV:A/AC:M/C:C/I:C/A:CExploitability: 5.5 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-gqmh-7vv7-cv43: Symantec Messaging Gateway (SMG) before 102022-05-17
CVEList
CVE-2012-3579: Symantec Messaging Gateway (SMG) before 102012-08-29

💥Exploits & PoCs

1
Exploit-DB
Symantec Messaging Gateway 9.5/9.5.1 - SSH Default Password Security Bypass (Metasploit)2012-08-30
CVE-2012-3579 — Symantec vulnerability | cvebase