Broadcom Symantec Messaging Gateway (SMG) 10.5

CPE Details

Broadcom Symantec Messaging Gateway (SMG) 10.5
broadcom
symantec_messaging_gateway
10.5
2024-02-03
02h15 +00:00
2024-02-03
02h15 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:broadcom:symantec_messaging_gateway:10.5:*:*:*:*:*:*:*

Informations

Vendor

broadcom

Product

symantec_messaging_gateway

Version

10.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-23615 2024-01-25 23h32 +00:00 A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
10
Critical
CVE-2020-12595 2020-12-10 04h21 +00:00 An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4.
4.9
Medium
CVE-2020-12594 2020-12-10 04h21 +00:00 A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG prior to 10.7.4.
7.2
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.