Vulnerability in Symantec Web_gateway
CVE-2013-4672
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
EPSS: 0.001 (32.4th percentile) — read the EPSS interpretation.
Affected products
- Symantec Web_gateway — versions 5.0, 5.0.1, 5.0.2
- Symantec Web_gateway_appliance_8450
- Symantec Web_gateway_appliance_8490
- N/a — versions n/a
Weakness classification (CWE)
References
- secure@symantec.com (x_refsource_CONFIRM, Vendor Advisory)
- 61104 (vdb-entry, x_refsource_BID)
- secure@symantec.com (x_refsource_MISC)
- secure@symantec.com (x_refsource_MISC)
- 95695 (x_refsource_OSVDB, vdb-entry)