Detections
Analytics

Symantec Web Gateway < 5.2.2 Authenticated OS Command Injection (SYM14-016)

medium Nessus Plugin ID 80118

Language:

Synopsis

A web security application hosted on the remote web server is affected by a OS command injection vulnerability.

Description

According to its self-reported version number, the remote web server is hosting a version of Symantec Web Gateway prior to version 5.2.2.
It is, therefore, affected by a operating system (OS) command injection vulnerability in an unspecified PHP script which impacts the management console. A remote, authenticated user can exploit this issue to execute arbitrary OS commands subject to the privileges of the authenticated user.

Solution

Upgrade to Symantec Web Gateway 5.2.2 or later.

See Also

http://karmainsecurity.com/KIS-2014-19

http://www.nessus.org/u?ec931e05

Plugin Details

Severity: Medium

ID: 80118

File Name: symantec_web_gateway_sym14-016.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 12/19/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2014-7285

Vulnerability Information

CPE: cpe:/a:symantec:web_gateway

Required KB Items: installed_sw/symantec_web_gateway

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 12/16/2014

Vulnerability Publication Date: 12/16/2014

Exploitable With

Metasploit (Symantec Web Gateway 5 restore.php Post Authentication Command Injection)

Reference Information

CVE: CVE-2014-7285

BID: 71620