File Inclusion Vulnerability in Symantec Messaging Gateway
CVE-2017-6325
6.6MEDIUM
What is CVE-2017-6325?
The Symantec Messaging Gateway is susceptible to a file inclusion vulnerability that arises from mishandling an attacker-controlled variable. When the application constructs a path to executable code, it inadvertently allows the attacker to dictate which file gets executed during runtime. This flaw can enable remote unauthorized access, potentially leading to the execution of malicious code on the web server hosting the application. Proper security measures are crucial to mitigate this risk and protect organizational resources.
Affected Version(s)
Messaging Gateway All versions prior to version 10.6.3