Remote Command Execution Vulnerability in Symantec Web Gateway Appliances
CVE-2015-6547

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 20 September 2015

Summary

The management console on Symantec Web Gateway appliances, specifically those running software before version 5.2.2 DB 5.0.0.1277, is susceptible to a remote command execution vulnerability. This flaw enables authenticated remote users to execute arbitrary commands at boot time via several unspecified vectors, potentially compromising the security of the system. Organizations utilizing these appliances are strongly advised to apply the necessary updates to mitigate this risk.

References

http://www.securitytracker.com/id/1033625

vdb-entryx_refsource_SECTRACK

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/76730

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Sep 20, 2015
Vulnerability Reserved
Aug 21, 2015