SQL Injection Vulnerability in Symantec Web Gateway Management Console
CVE-2012-2574

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 23 July 2012

What is CVE-2012-2574?

The management console of Symantec Web Gateway versions prior to 5.0.3.18 is susceptible to a SQL injection vulnerability. This flaw allows unauthorized remote attackers to manipulate the database through arbitrary SQL command execution. Attackers can exploit this vulnerability through unspecified vectors, which can lead to sensitive data exposure or other malicious activities. It is crucial for users of affected versions to implement security patches and updates to mitigate potential risks.

References

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/54424

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/108471

third-party-advisoryx_refsource_CERT-VN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2012
Vulnerability Reserved
May 9, 2012