Check CVE Id
Check CWE Id
Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote attackers to cause a denial of service (resource consumption) via crafted web requests."
CVSS Base Score
Symantec Reporter 9.5 prior to 126.96.36.199 and 10.x prior to 10.2 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter.
The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 188.8.131.52), ProxySG 6.5 (prior to 184.108.40.206), ProxySG 6.6, and ProxySG 6.7 (prior to 220.127.116.11) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use...
The Symantec ProxySG 6.5 (prior to 18.104.22.168), 6.6, and 6.7 (prior to 22.214.171.124) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary Java...
Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating var...
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario.
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended user...
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system.
Back to Top