APP: Symantec Web Gateway Password Change

This signature detects attempts to exploit a known flaw in Symantec Web Gateway. A successful attack may allow attackers to change another user's password allowing them to gain unauthorized access in the context of the affected user.

Extended Description

Symantec Web Gateway is prone to a security-bypass vulnerability. Successful exploits may allow attackers to change another user's password allowing them to gain unauthorized access in the context of the affected user. This may aid in further attacks. Symantec Web Gateway versions 5.0.x.x are vulnerable.

Affected Products

Symantec web_gateway

References

BugTraq: 54430

CVE: CVE-2012-2977

Short Name
APP:SYMC:WEB-GW-PWD-CHG
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2012-2977 Change Gateway Password Symantec Web bid:54430
Release Date
01/17/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Symantec

CVSS Score

5.0

Found a potential security threat?