CVE-2013-1617

CWE-89SQL Injection4 documents4 sources
Severity
7.4HIGH
EPSS
1.4%
top 19.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec WEB Gateway
Timeline
PublishedAug 1
Latest updateMay 17

Description

Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.

CVSS vector

AV:A/AC:M/C:C/I:C/A:CExploitability: 4.4 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-pm86-q2qv-75mx: Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 52022-05-17
CVEList
CVE-2013-1617: Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 52013-07-31

💬Community

1
Bugzilla
CVE-2013-2209 ReviewBoard: Stored XSS due improper sanitization of user's full name in the reviews dropdown2013-06-24
CVE-2013-1617 (HIGH CVSS 7.4) | Multiple SQL injection vulnerabilit | cvebase.io