CVE-2017-6325 in Messaging Gatewayinfo

Zusammenfassung

von MITRE

The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. This file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

26.02.2017

Veröffentlichung

26.06.2017

Moderieren

akzeptiert

Eintrag

VDB-102750

CPE

bereit

CWE

CWE-94 (bestätigt)

Exploit

Download

CVSS

6.6 (NVD)

EPSS

0.03374

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-6325
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-6325
CVE Details	https://www.cvedetails.com/cve/CVE-2017-6325/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!