SSL: Symantec Web Gateway OS Command Injection

This signature detects attempts to exploit a known vulnerability against Symantec Web Gateway. The vulnerability is due to insufficient input validation by existing application scripts accessible though the SWG console's interface. A remote authenticated attacker can leverage this vulnerability to inject and execute commands with SYSTEM privileges.

Extended Description

The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.

Affected Products

Symantec web_gateway

References

BugTraq: 71620

CVE: CVE-2014-7285

Short Name
SSL:SYMC-WEB-CMD-INJ
Severity
Major
Recommended
True
Recommended Action
Drop
Category
SSL
Keywords
CVE-2014-7285 Command Gateway Injection OS Symantec Web bid:71620
Release Date
06/09/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Symantec

CVSS Score

6.5

Found a potential security threat?