Multiple SQL Injection Vulnerabilities in Symantec Web Gateway Management Console
CVE-2013-5012

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 11 February 2014

Summary

Multiple SQL injection vulnerabilities exist in the management console of Symantec Web Gateway appliances prior to version 5.2. These vulnerabilities enable remote authenticated users to execute arbitrary SQL commands through unspecified vectors, potentially compromising the security of the appliance and the data it processes. Proper patch management and security measures are crucial to protect against these vulnerabilities.

References

http://www.securityfocus.com/bid/65404

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 11, 2014
Vulnerability Reserved
Jul 29, 2013