CVE-2014-7285
published 2014-12-17CVE-2014-7285: The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting…
medium6.5CVSS 3.1
AVNACLAuSCPIPAP
EXPLOIT
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | jenkins_core | — | — |
| symantec | web_gateway | <= 5.2.1 | — |