Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Symantec Web Gateway < 5.2 Multiple Vulnerabilities (SYM14-003)

High

Synopsis

The web security gateway appliance running on the remote host has multiple vulnerabilities

Description

The remote host is running Symantec Web Gateway, a web content filtering appliance that has it's own web server. Versions of Symantec Web Gateway prior to 5.2 are affected by the following vulnerabilities :

- Multiple cross-site scripting vulnerabilities exist.(CVE-2013-5013)

- Multiple SQL injection vulnerabilities exist because of a failure to sanitize user-supplied input before using it in a SQL query. (CVE-2013-5012)

Solution

Upgrade to Symantec Web Gateway version 5.2 or later.