Vulnerabilities > Symantec > Messaging Gateway > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-11 | CVE-2019-18379 | Server-Side Request Forgery (SSRF) vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. | 7.5 |
| 2018-09-19 | CVE-2018-12242 | Improper Authentication vulnerability in Symantec Messaging Gateway The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network. | 7.5 |
| 2017-06-26 | CVE-2017-6324 | Security Bypass vulnerability in Symantec Messaging Gateway The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled. | 7.5 |
| 2012-08-29 | CVE-2012-3580 | Security Bypass vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. low complexity symantec | 7.7 |
| 2012-08-29 | CVE-2012-3579 | Permissions, Privileges, and Access Controls vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session. | 7.9 |