← voltar
CVE-2017-15532

CVE-2017-15532

EPSS 1.4%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
20 dez 2017Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files.
Produtos afetados
Symantec Corporation · Messaging Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171220_00http://www.securityfocus.com/bid/102096