var-201907-0220
Vulnerability from variot
Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Messaging Gateway Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Symantec Messaging Gateway is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on an affected system. Symantec Messaging Gateway versions prior to 10.7.1 are vulnerable. The product includes features such as antispam, antivirus, advanced content filtering, and data loss prevention
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0220",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "message gateway",
"scope": "lt",
"trust": 1.8,
"vendor": "symantec",
"version": "10.7.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.7"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.3"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.2"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.4"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.3"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.3-3"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.2"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.6"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.5"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.4"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.3-267"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.3-266"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.2"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.0-7"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6.0-3"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.3"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0"
},
{
"model": "messaging gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.7.1"
}
],
"sources": [
{
"db": "BID",
"id": "108925"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"db": "NVD",
"id": "CVE-2019-12751"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.7.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12751"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dave",
"sources": [
{
"db": "BID",
"id": "108925"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
],
"trust": 0.9
},
"cve": "CVE-2019-12751",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-12751",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-144529",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-12751",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-12751",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-608",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-144529",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144529"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"db": "NVD",
"id": "CVE-2019-12751"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Messaging Gateway Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Symantec Messaging Gateway is prone to a privilege-escalation vulnerability. \nAn attacker can exploit this issue to gain elevated privileges on an affected system. \nSymantec Messaging Gateway versions prior to 10.7.1 are vulnerable. The product includes features such as antispam, antivirus, advanced content filtering, and data loss prevention",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"db": "BID",
"id": "108925"
},
{
"db": "VULHUB",
"id": "VHN-144529"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-12751",
"trust": 2.8
},
{
"db": "BID",
"id": "108925",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-608",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-144529",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144529"
},
{
"db": "BID",
"id": "108925"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"db": "NVD",
"id": "CVE-2019-12751"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
]
},
"id": "VAR-201907-0220",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-144529"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:00:52.703000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYMSA1486",
"trust": 0.8,
"url": "https://support.symantec.com/us/en/article.symsa1486.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144529"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"db": "NVD",
"id": "CVE-2019-12751"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://support.symantec.com/us/en/article.symsa1486.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/108925"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12751"
},
{
"trust": 0.9,
"url": "http://www.symantec.com"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12751"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144529"
},
{
"db": "BID",
"id": "108925"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"db": "NVD",
"id": "CVE-2019-12751"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-144529"
},
{
"db": "BID",
"id": "108925"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"db": "NVD",
"id": "CVE-2019-12751"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-144529"
},
{
"date": "2019-07-10T00:00:00",
"db": "BID",
"id": "108925"
},
{
"date": "2019-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"date": "2019-07-11T21:15:09.733000",
"db": "NVD",
"id": "CVE-2019-12751"
},
{
"date": "2019-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-144529"
},
{
"date": "2019-07-12T03:00:00",
"db": "BID",
"id": "108925"
},
{
"date": "2019-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006487"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-12751"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Messaging Gateway Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006487"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-608"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.