Vulnerabilities > Symantec > Messaging Gateway
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-08-29 | CVE-2012-3581 | Information Exposure vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors. | 3.3 |
| 2012-08-29 | CVE-2012-3580 | Security Bypass vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. low complexity symantec | 7.7 |
| 2012-08-29 | CVE-2012-3579 | Permissions, Privileges, and Access Controls vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session. | 7.9 |
| 2012-08-29 | CVE-2012-0308 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Messaging Gateway Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators. | 6.8 |
| 2012-08-29 | CVE-2012-0307 | Cross-Site Scripting vulnerability in Symantec Messaging Gateway Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content. | 4.3 |