Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-6326

4 documents4 sources

Severity

10.0CRITICAL

EPSS

79.1%

top 0.93%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Messaging Gateway Symantec Corporation Messaging Gateway

Timeline

PublishedJun 26

Latest updateMay 13

Description

The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages2 packages

▶NVDsymantec/messaging_gateway10.6.3

▶CVEListV5symantec_corporation/messaging_gatewayAll versions prior to version 10.6.3

🔴Vulnerability Details

GHSA

GHSA-5pf7-r489-5rgm: The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the abili↗2022-05-13

▶

CVEList

CVE-2017-6326: The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the abili↗2017-06-26

▶

💥Exploits & PoCs

Exploit-DB

Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution (Metasploit)↗2017-06-26

▶