Filtered by vendor Broadcom
Subscribe
Filtered by product Symantec Privileged Access Management
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-38493 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-10-28 | N/A | 6.1 MEDIUM |
A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI. | |||||
CVE-2022-25625 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-02-28 | N/A | 8.8 HIGH |
A malicious unauthorized PAM user can access the administration configuration data and change the values. |