Symantec Web Gateway < 5.2 Multiple Vulnerabilities (SYM14-003)
High Nessus Network Monitor Plugin ID 8769
SynopsisThe web security gateway appliance running on the remote host has multiple vulnerabilities
DescriptionThe remote host is running Symantec Web Gateway, a web content filtering appliance that has it's own web server. Versions of Symantec Web Gateway prior to 5.2 are affected by the following vulnerabilities :
- Multiple cross-site scripting vulnerabilities exist.(CVE-2013-5013)
- Multiple SQL injection vulnerabilities exist because of a failure to sanitize user-supplied input before using it in a SQL query. (CVE-2013-5012)
SolutionUpgrade to Symantec Web Gateway version 5.2 or later.