CVE-2017-6327

Symantec Messaging Gateway Remote Code Execution Vulnerability

Severity Score

8.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

*SSVC

Descriptions

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.

En versiones anteriores a la 10.6.3-267 de Symantec Messaging Gateway puede encontrarse un problema de ejecución remota de código que describe una situación en la que un individuo puede conseguir ejecutar comandos de forma remota en una máquina objetivo o en un proceso objetivo. En esta situación, tras haber obtenido el acceso al sistema, el atacante podría intentar elevar sus privilegios.

Symantec Messaging Gateway versions 10.6.3-2 and below suffer from an unauthenticated remote code execution vulnerability.

Symantec Messaging Gateway contains an unspecified vulnerability which can allow for remote code execution. With the ability to perform remote code execution, an attacker may also desire to perform privilege escalating actions.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-02-26 CVE Reserved
2017-08-11 CVE Published
2021-11-03 Exploited in Wild
2022-05-03 KEV Due Date
2024-07-25 EPSS Updated
2024-09-16 CVE Updated
2024-09-16 First Exploit

CWE

CAPEC

References (4)

URL	Tag	Source
http://seclists.org/fulldisclosure/2017/Aug/28	Mailing List
http://www.securityfocus.com/bid/100135	Broken Link

URL	Date	SRC
https://www.exploit-db.com/exploits/42519	2024-09-16

URL	Date	SRC

URL	Date	SRC
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00	2024-07-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Symantec Search vendor "Symantec"		Message Gateway Search vendor "Symantec" for product "Message Gateway"				< 10.6.3-267 Search vendor "Symantec" for product "Message Gateway" and version " < 10.6.3-267"		-		Affected