RADIUS Authentication Flaw in Symantec Web Gateway Appliance
CVE-2013-4673

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway; Web Gateway Appliance 8450; Web Gateway Appliance 8490
Vendor: CVE Published:; 1 August 2013

Summary

A vulnerability exists in the management console of the Symantec Web Gateway appliance prior to version 5.1.1 due to improper implementation of RADIUS authentication. This flaw allows remote attackers to gain unauthorized access to the login prompt and potentially execute arbitrary code, exposing sensitive information and compromising the security of the system. Addressing this issue promptly is essential to safeguard networks from potential exploitation.

References

http://osvdb.org/95702

vdb-entryx_refsource_OSVDB

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/61105

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Aug 1, 2013
Vulnerability Reserved
Jun 24, 2013