CVE-2013-4672

CWE-2643 documents3 sources
Severity
7.2HIGH
EPSS
0.1%
top 67.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec WEB Gateway
Timeline
PublishedAug 1
Latest updateMay 17

Description

The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.

CVSS vector

AV:A/AC:L/C:C/I:C/A:CExploitability: 4.1 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-9pwg-54q3-m94v: The management console on the Symantec Web Gateway (SWG) appliance before 52022-05-17
CVEList
CVE-2013-4672: The management console on the Symantec Web Gateway (SWG) appliance before 52013-07-31
CVE-2013-4672 (HIGH CVSS 7.2) | The management console on the Syman | cvebase.io