Vulnerabilities > Broadcom > Symantec Identity Governance AND Administration > 14.4

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-16	CVE-2022-25626	Unspecified vulnerability in Broadcom Symantec Identity Governance and Administration 14.3/14.4 An unauthenticated user can access Identity Manager’s management console specific page URLs. network low complexity broadcom	5.3
2022-12-16	CVE-2022-25627	Unspecified vulnerability in Broadcom Symantec Identity Governance and Administration 14.3/14.4 An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4 local low complexity broadcom	6.7
2022-12-16	CVE-2022-25628	XXE vulnerability in Broadcom Symantec Identity Governance and Administration 14.3/14.4 An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4 network low complexity broadcom CWE-611	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.