The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."
References
Configurations
History
21 Nov 2024, 02:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/76731 - | |
References | () http://www.securitytracker.com/id/1033625 - | |
References | () http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00 - Vendor Advisory | |
References | () http://www.zerodayinitiative.com/advisories/ZDI-15-444/ - |
Information
Published : 2015-09-20 20:59
Updated : 2024-11-21 02:33
NVD link : CVE-2015-5693
Mitre link : CVE-2015-5693
CVE.ORG link : CVE-2015-5693
JSON object : View
Products Affected
symantec
- web_gateway
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')