Symantec Web Gateway Local File Manipulation Authentication Bypass Vulnerability Network Vulnerability

Summary

Symantec Web Gateway is prone to a local authentication-bypass vulnerability A attacker can exploit this issue by manipulating certain local files to bypass authentication and gain unauthorized privileged access to the application. Successful exploits may lead to other attacks. Symantec Web Gateway versions 5.0.x.x are vulnerable.

Solution

Vendor updates are available. Please see the references for more information.

References

http://www.securityfocus.com/bid/54429
http://www.symantec.com/business/web-gateway

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2957

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ARRIS 2307 Unprotected Web Console
AWStats configdir parameter arbitrary cmd exec
A Really Simple Chat Multiple SQL Injection Vulnerabilities
Alchemy Eye HTTP Command Execution
AlienVault OSSIM Multiple Remote Code Execution Vulnerabilities

Take action and discover your vulnerabilities