CVE-2012-2574

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 23 July 2012

Summary

SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.

References

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/54424

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/108471

third-party-advisoryx_refsource_CERT-VN

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 23, 2012
Vulnerability Reserved
May 9, 2012