Symantec · Symantec Messaging Gateway · CVE-2016-2203
**Name of the Vulnerable Software and Affected Versions**
Symantec Messaging Gateway (SMG) Appliance versions prior to 10.6.1
**Description**
The issue allows local users to discover an encrypted AD password by leveraging certain read privileges on the management console of the affected devices.
**Recommendations**
For versions prior to 10.6.1, update to version 10.6.1 or later to resolve the issue.