Command Injection Vulnerability in Symantec Web Gateway Management Console
CVE-2013-1616

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway; Web Gateway Appliance 8450; Web Gateway Appliance 8490
Vendor: CVE Published:; 1 August 2013

Summary

The management console of the Symantec Web Gateway appliance versions prior to 5.1.1 is susceptible to command injection attacks. This vulnerability enables remote attackers to execute arbitrary commands on the vulnerable system by injecting malicious commands into application scripts. Proper mitigation measures, such as upgrading to the latest version and implementing additional security controls, are essential to protect against potential exploits.

References

http://www.securityfocus.com/bid/61106

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

https://www.sec-consult.com/fxdata/seccons/prod/temedia/a...

x_refsource_MISC

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 1, 2013
Vulnerability Reserved
Feb 4, 2013