Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Filtered by product Symantec Privileged Access Management
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-38493 1 Broadcom 1 Symantec Privileged Access Management 2024-11-21 N/A 6.1 MEDIUM
A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
CVE-2022-25625 1 Broadcom 1 Symantec Privileged Access Management 2024-11-21 N/A 8.8 HIGH
A malicious unauthorized PAM user can access the administration configuration data and change the values.