CVE-2017-15532

Summary

Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files.

Affected Software

VendorProductVersion RangeStatus
Symantec CorporationMessaging GatewayPrior to 10.6.4affected

Weaknesses

  • Directory traversal

ADP Enrichment

CVE Program Container

Additional References

References