Symantec Management Console Multiple XSS and XXE Vulnerabilities (SYM17-005)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The Symantec Management Console on the target host is affected by
multiple XSS and XXE vulnerabilities.

Description :

The version of Symantec Manager Console running on the remote host is
earlier then ITM 8.1 RU1, ITMS 8.0_POST_HF6 or ITMS 7.6_POST_HF7 and
is therefore affected by multiple cross-site scripting (XSS) and
XML External Entity (XXE) processing vulnerabilities.

See also :

Solution :

Upgrade to Symantec Management Console ITMS 8.1 RU1 or later or apply
patches ITMS 8.0_POST_HF6 and ITMS 7.6_POST_HF7.

Risk factor :

High / CVSS Base Score : 7.5

Family: Windows

Nessus Plugin ID: 102203 ()

Bugtraq ID:

CVE ID: CVE-2017-6322

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now