CSRF in Symantec Messaging_gateway

CVE-2012-0308

Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators.

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.003 (49.2th percentile) — read the EPSS interpretation.

Affected products

Symantec Messaging_gateway — versions 9.5, 9.5.1, 9.5.2
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
55137 (vdb-entry, x_refsource_BID)