Vulnerabilities > Symantec > Messaging Gateway > High

DATE CVE VULNERABILITY TITLE RISK
2019-12-11 CVE-2019-18379 Server-Side Request Forgery (SSRF) vulnerability in Symantec Messaging Gateway
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface.
network
low complexity
symantec CWE-918
7.5
2018-09-19 CVE-2018-12242 Improper Authentication vulnerability in Symantec Messaging Gateway
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network.
network
low complexity
symantec CWE-287
7.5
2017-06-26 CVE-2017-6324 Security Bypass vulnerability in Symantec Messaging Gateway
The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled.
network
low complexity
symantec
7.5
2012-08-29 CVE-2012-3580 Security Bypass vulnerability in Symantec Messaging Gateway
Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
low complexity
symantec
7.7
2012-08-29 CVE-2012-3579 Permissions, Privileges, and Access Controls vulnerability in Symantec Messaging Gateway
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.
7.9