CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23953
https://notcve.org/view.php?id=CVE-2023-23953
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23954
https://notcve.org/view.php?id=CVE-2023-23954
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23952
https://notcve.org/view.php?id=CVE-2023-23952
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23955
https://notcve.org/view.php?id=CVE-2023-23955
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9092
https://notcve.org/view.php?id=CVE-2016-9092
The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user. Las consolas de administración Content Analysis (CA) versiones 1.3, 2.x anteriores a 2.2.1.1 y Mail Threat Defense (MTD) versión 1.1 de Symantec, son susceptibles a una vulnerabilidad de tipo cross-site request forging (CSRF). Un atacante remoto puede usar phishing u otras técnicas de ingeniería social para acceder a la consola de administración con los privilegios de un usuario administrador autenticado. • http://www.securityfocus.com/bid/104182 https://www.symantec.com/security-center/network-protection-security-advisories/SA149 • CWE-352: Cross-Site Request Forgery (CSRF) •