Product:

Messaging_gateway

(Symantec)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 25
Date Id Summary Products Score Patch Annotated
2022-12-09 CVE-2022-25630 An authenticated user can embed malicious content with XSS into the admin group policy page. Messaging_gateway 5.4
2022-12-09 CVE-2022-25629 An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column). Messaging_gateway 5.4
2017-04-14 CVE-2016-5309 The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for... Symantec_data_center_security_server, Advanced_threat_protection, Csapi, Email_security\.cloud, Endpoint_protection, Endpoint_protection_cloud, Endpoint_protection_for_small_business, Mail_security_for_domino, Mail_security_for_microsoft_exchange, Messaging_gateway, Messaging_gateway_for_service_providers, Protection_engine, Protection_for_sharepoint_servers, Web_gateway, Web_security\.cloud 5.5
2017-04-14 CVE-2016-5310 The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for... Symantec_data_center_security_server, Advanced_threat_protection, Csapi, Email_security\.cloud, Endpoint_protection, Endpoint_protection_cloud, Endpoint_protection_for_small_business, Mail_security_for_domino, Mail_security_for_microsoft_exchange, Messaging_gateway, Messaging_gateway_for_service_providers, Protection_engine, Protection_for_sharepoint_servers, Web_gateway, Web_security\.cloud 5.5
2019-10-24 CVE-2019-9699 Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. Messaging_gateway 4.5
2020-02-21 CVE-2012-6277 Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to... Autonomy_keyview_idol, Domino, Notes, Data_loss_prevention_endpoint, Data_loss_prevention_enforce\/detection_servers, Mail_security, Messaging_gateway N/A
2019-12-11 CVE-2019-18379 Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. Messaging_gateway N/A
2019-12-11 CVE-2019-18378 Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. Messaging_gateway N/A
2019-12-11 CVE-2019-18377 Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Messaging_gateway N/A
2017-06-26 CVE-2017-6326 The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. Messaging_gateway 10.0