CVE-2019-9696

6.1MEDIUM

Key Information

Vendor: Symantec
Status: Symantec Vip Enterprise Gateway
Vendor: CVE Published:; 9 April 2019

Summary

Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.

Affected Version(s)

Symantec VIP Enterprise Gateway = All EG Versions

Refferences

https://support.symantec.com/en_US/article.SYMSA1477.html

x_refsource_CONFIRM

http://www.securityfocus.com/bid/107692

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 9, 2019
Vulnerability Reserved
Mar 11, 2019

Collectors

NVD DatabaseMitre Database