Vulnerabilities > CVE-2020-12595 - Unspecified vulnerability in Broadcom Symantec Messaging Gateway

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

broadcom

NVD

Published: 2020-12-10

Updated: 2020-12-14

Summary

An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4.

Vulnerable Configurations

Part	Description	Count
Application	Broadcom Broadcom Symantec Messaging Gateway -	1

References

https://support.broadcom.com/security-advisory/content/security-advisories/Privilege-Escalation-and-Information-Disclosure-Vulnerabilities-in-SMG/SYMSA16609