CVE-2011-0553

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-0553
SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/43157 Vendor Advisory
http://securitytracker.com/id?1026130
http://www.securityfocus.com/bid/49738
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00
http://secunia.com/advisories/43157 Vendor Advisory
http://securitytracker.com/id?1026130
http://www.securityfocus.com/bid/49738
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:im_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:6.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:7.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.6:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.7:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.8:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.9:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.10:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.11:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.12:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.13:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.15:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager:8.4.16:*:*:*:*:*:*:*
History

21 Nov 2024, 01:24

Type Values Removed Values Added
References () http://secunia.com/advisories/43157 - Vendor Advisory () http://secunia.com/advisories/43157 - Vendor Advisory
References () http://securitytracker.com/id?1026130 - () http://securitytracker.com/id?1026130 -
References () http://www.securityfocus.com/bid/49738 - () http://www.securityfocus.com/bid/49738 -
References () http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00 - () http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00 -
Information

Published : 2011-10-02 02:53

Updated : 2024-11-21 01:24

NVD link : CVE-2011-0553

Mitre link : CVE-2011-0553

CVE.ORG link : CVE-2011-0553

JSON object : View

Products Affected

symantec

  • im_manager
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')