First published: Mon May 21 2012(Updated: )
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Symantec Web Gateway Appliance | =5.0 | |
Symantec Web Gateway Appliance | =5.0.1 | |
Symantec Web Gateway Appliance | =5.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-0298 has a medium severity rating due to the potential for unauthorized file access and deletion.
To fix CVE-2012-0298, upgrade to Symantec Web Gateway version 5.0.3 or later.
CVE-2012-0298 allows remote attackers to read or delete arbitrary files on affected installations.
Symantec Web Gateway versions 5.0, 5.0.1, and 5.0.2 are all affected by CVE-2012-0298.
The potential impacts of CVE-2012-0298 include data loss, system compromise, and unauthorized information disclosure.