1 results (0.001 seconds)

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user. Las consolas de administración Content Analysis (CA) versiones 1.3, 2.x anteriores a 2.2.1.1 y Mail Threat Defense (MTD) versión 1.1 de Symantec, son susceptibles a una vulnerabilidad de tipo cross-site request forging (CSRF). Un atacante remoto puede usar phishing u otras técnicas de ingeniería social para acceder a la consola de administración con los privilegios de un usuario administrador autenticado. • http://www.securityfocus.com/bid/104182 https://www.symantec.com/security-center/network-protection-security-advisories/SA149 • CWE-352: Cross-Site Request Forgery (CSRF) •