search menu icon-carat-right cmu-wordmark

CERT Coordination Center


Symantec Web Gateway contains multiple vulnerabilities

Vulnerability Note VU#108471

Original Release Date: 2012-07-24 | Last Revised: 2018-03-21

Overview

The Symantec Web Gateway management console is vulnerable to remote command execution, local file inclusion, arbitrary password changes, and SQL injection.

Description

The Symantec SYM12-011 advisory states:

"Symantec's Web Gateway management console is susceptible to multiple security issues that include remote command execution, local file inclusion, arbitrary password change and SQL injection security issues. Successful exploitation could result in unauthorized command execution on or access to the management console and backend database."

Additional details may be found in the full Symantec SYM12-011 advisory.

Impact

A remote unauthenticated attacker may be able to run unauthorized commands and access the backend database.

Solution

Apply an Update

The Symantec SYM12-011 advisory states:

"The security update addressing these issues has been pushed to customers as an immediately available update. For customers with automatic updating enabled the update will automatically be applied. Customers that do not have automatic updating enabled will need to manually apply the update by clicking "Check for Updates -> Updates" on the Administration->Updates page for Web Gateway Database Updates and Web Gateway Software Updates.

To confirm customers are running the latest updates they should check the "Current Software Version -> Current Version" on the Administration->Updates page. Alternatively, customers can click the "Check for Updates" button on the Administration->Updates page to verify that they are running the latest software version."

Vendor Information

108471
Expand all

Symantec

Notified:  June 26, 2012 Updated:  July 24, 2012

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C
Temporal 7.9 E:F/RL:ND/RC:C
Environmental 7.9 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Offensive Security and Tenable Network Security for reporting these vulnerabilities.

This document was written by Jared Allar.

Other Information

CVE IDs: CVE-2012-2953, CVE-2012-2957, CVE-2012-2574, CVE-2012-2961, CVE-2012-2976, CVE-2012-2977
Date Public: 2012-07-20
Date First Published: 2012-07-24
Date Last Updated: 2018-03-21 16:00 UTC
Document Revision: 23

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.