Symantec IM Manager < 8.4.16 Multiple SQL Injections (SYM10-010)
Critical Nessus Plugin ID 50432
A web application on the remote Windows host may be affected by multiple SQL injection vulnerabilities.
The version of Symantec IM Manager installed on the remote Windows host is earlier than 8.4.16. Such versions are reportedly affected by multiple SQL injection vulnerabilities in its administration console. An unauthenticated, remote attacker may be able to exploit these issues to compromise the application's database.
Upgrade to Symantec IM Manager 8.4.16 (build 8.4.1393) or later.