Privilege Escalation Vulnerability in Broadcom's SMG Appliance
CVE-2020-12594

7.2HIGH

Key Information:

Vendor: Broadcom
Status: Symantec Messaging Gateway (smg)
Vendor: CVE Published:; 10 December 2020

Summary

A privilege escalation flaw exists within Broadcom's SMG appliance, allowing a malicious, authenticated CLI user to gain elevated privileges. This vulnerability enables a user to obtain full control over the system, compromising the security of the appliance. It affects versions of SMG prior to 10.7.4, highlighting the need for immediate updates to mitigate potential risks.

Affected Version(s)

Symantec Messaging Gateway (SMG) SMG prior to 10.7.4

References

https://support.broadcom.com/security-advisory/content/se...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 10, 2020
Vulnerability Reserved
Apr 30, 2020