CVE-2015-5693

high

Description

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."

References

http://www.zerodayinitiative.com/advisories/ZDI-15-444/

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

http://www.securitytracker.com/id/1033625

http://www.securityfocus.com/bid/76731

Details

Source: Mitre, NVD

Published: 2015-09-20

Updated: 2016-12-22

Risk Information

CVSS v2

Base Score: 7.9

Vector: CVSS2#AV:N/AC:M/Au:M/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H