Summary
Symantec Messaging Gateway is prone to a cross-site request-forgery vulnerability
Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application.
Other attacks are also possible.
Symantec Messaging Gateway versions before 10.0 are vulnerable.
Solution
Vendor updates are available. Please see the reference for more details.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-0308 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14
- Adobe ColdFusion Unspecified Information Disclosure Vulnerability
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- AMSI 'file' Parameter Directory Traversal Vulnerability