⚠ Actively exploited

Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2017-6327

CWE-77 — Command Injection CWE-20 — Improper Input Validation6 documents6 sources

Severity

8.8HIGH

EPSS

76.8%

top 1.05%

CISA KEV

KEV

Added 2021-11-03

Due 2022-05-03

Exploit

Exploited in wild

Active exploitation observed

Affected products

Symantec Message Gateway Symantec Corporation Messaging Gateway

Timeline

PublishedAug 11

KEV addedNov 3

KEV dueMay 3

Latest updateMay 13

CISA Required Action: Apply updates per vendor instructions.

Description

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5symantec_corporation/messaging_gatewayAll versions prior to version 10.6.3-267

▶NVDsymantec/message_gateway< 10.6.3-267

🔴Vulnerability Details

GHSA

GHSA-x45p-q5pf-h9jx: The Symantec Messaging Gateway before 10↗2022-05-13

▶

CVEList

CVE-2017-6327: The Symantec Messaging Gateway before 10↗2017-08-11

▶

VulnCheck

Symantec Messaging Gateway Remote Code Execution Vulnerability↗2017

▶

💥Exploits & PoCs

Exploit-DB

Symantec Messaging Gateway 10.6.3-2 - Root Remote Command Execution↗2017-08-18

▶

📋Vendor Advisories

CISA

Symantec Messaging Gateway Remote Code Execution Vulnerability↗2021-11-03

▶