VAR-200403-0063
Vulnerability from variot - Updated: 2024-05-28 18:21Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. Symantec's gateway security 5400 Exists in unspecified vulnerabilities.None. The issue is reported to exist due to improper sanitizing of user-supplied data. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. If an attacker manages to steal a cookie for a valid session, the attacker may leverage the vulnerability to gain management rights to the affected device. Symantec Gateway Security 5400 series is a firewall device developed by Symantec. Remote attackers can use this vulnerability to obtain administrator sensitive information, such as COOKIE information. When a client submits a URL request to be processed by the Symantec Gateway Security service object, if the processed URL does not exist, such as requesting any object in the /sgmi directory, an error page will be returned to The browser is requested, but the data is not sufficiently filtered when generating the content of the error page, so malicious scripts can be executed in the context of the SGS device. Could allow an attacker to hijack the device's administrative session
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200403-0063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gateway security 5400",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "gateway security 5400",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30de\u30f3\u30c6\u30c3\u30af",
"version": null
},
{
"model": "gateway security 5400",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30de\u30f3\u30c6\u30c3\u30af",
"version": null
},
{
"model": "gateway security 5400",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30de\u30f3\u30c6\u30c3\u30af",
"version": "2.0"
},
{
"model": "gateway security series",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
}
],
"sources": [
{
"db": "BID",
"id": "9755"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
},
{
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Soby, Raytheon\u203b Brian_J_Soby@raytheon.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0192",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2004-0192",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-8622",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0192",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200403-082",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-8622",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8622"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
},
{
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. Symantec\u0027s gateway security 5400 Exists in unspecified vulnerabilities.None. \nThe issue is reported to exist due to improper sanitizing of user-supplied data. \nSuccessful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. If an attacker manages to steal a cookie for a valid session, the attacker may leverage the vulnerability to gain management rights to the affected device. Symantec Gateway Security 5400 series is a firewall device developed by Symantec. Remote attackers can use this vulnerability to obtain administrator sensitive information, such as COOKIE information. When a client submits a URL request to be processed by the Symantec Gateway Security service object, if the processed URL does not exist, such as requesting any object in the /sgmi directory, an error page will be returned to The browser is requested, but the data is not sufficiently filtered when generating the content of the error page, so malicious scripts can be executed in the context of the SGS device. Could allow an attacker to hijack the device\u0027s administrative session",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0192"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"db": "BID",
"id": "9755"
},
{
"db": "VULHUB",
"id": "VHN-8622"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8622",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8622"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0192",
"trust": 3.6
},
{
"db": "BID",
"id": "9755",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000715",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200403-082",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20040227 SYMANTEC GATEWAY SECURITY MANAGEMENT SERVICE CROSS SITE SCRIPTING",
"trust": 0.6
},
{
"db": "XF",
"id": "15330",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-77514",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "23764",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8622",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8622"
},
{
"db": "BID",
"id": "9755"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
},
{
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"id": "VAR-200403-0063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8622"
}
],
"trust": 0.01
},
"last_update_date": "2024-05-28T18:21:34.719000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9755"
},
{
"trust": 1.9,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15330"
},
{
"trust": 1.8,
"url": "http://marc.info/?l=bugtraq\u0026m=107790684732458\u0026w=2"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0192"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=107790684732458\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15330"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/avcenter/security/content/2004.03.03.html"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "/archive/1/355555"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=107790684732458\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8622"
},
{
"db": "BID",
"id": "9755"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
},
{
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-8622"
},
{
"db": "BID",
"id": "9755"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
},
{
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-8622"
},
{
"date": "2004-02-26T00:00:00",
"db": "BID",
"id": "9755"
},
{
"date": "2024-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"date": "2004-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-082"
},
{
"date": "2004-03-15T05:00:00",
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-8622"
},
{
"date": "2009-07-12T03:06:00",
"db": "BID",
"id": "9755"
},
{
"date": "2024-05-27T02:26:00",
"db": "JVNDB",
"id": "JVNDB-2004-000715"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-082"
},
{
"date": "2017-07-11T01:29:57.400000",
"db": "NVD",
"id": "CVE-2004-0192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Gateway Security Error Page Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "9755"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-082"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…