Symantec IM Manager < 8.4.18 Multiple Vulnerabilities (SYM11-012)

Medium Nessus Network Monitor Plugin ID 6031


The remote host contains a web application that is vulnerable to multiple attack vectors.


The remote host is running Symantec IM Manager, an application for managing instant messaging traffic.

Versions of Symantec IM Manager earlier than build 8.4.18 are potentially affected by multiple vulnerabilities :

- An unspecified cross-site scripting vulnerability. (CVE-2011-0552)

- An unspecified SQL injection vulnerability. (CVE-2011-0553)

- An unspecified code injection vulnerability. (CVE-2011-0554)


Upgrade to Symantec IM Manager build 8.4.18 or later.

See Also

Plugin Details

Severity: Medium

ID: 6031

File Name: 6031.prm

Family: CGI

Published: 2011/09/30

Modified: 2016/01/21

Dependencies: 1442

Nessus ID: 56378

Risk Information

Risk Factor: Medium


Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 6.3

Temporal Score: 5.9


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2011/09/29

Vulnerability Publication Date: 2011/09/29

Reference Information

CVE: CVE-2011-0552, CVE-2011-0553, CVE-2011-0554

BID: 49738, 49739, 49742

OSVDB: 75981, 75982, 75983, 75984, 75985