Vulnerability in Symantec Web_gateway

CVE-2012-2957

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue.

EPSS: 0.593 (99.0th percentile) — read the EPSS interpretation.

Affected products

Symantec Web_gateway — versions 5.0, 5.0.1, 5.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cret@cert.org (x_refsource_CONFIRM)
symantec-web-mechanism-file-include(77113) (vdb-entry, x_refsource_XF)
VU#108471 (x_refsource_CERT-VN, third-party-advisory)
54429 (vdb-entry, x_refsource_BID)