CVE-2017-6323

Name of the Vulnerable Software and Affected Versions Symantec Management Console versions prior to 8.1 RU1 Symantec Management Console versions prior to 8.0 POST HF6 Symantec Management Console versions prior to 7.6 POST HF7

Description The issue is related to the processing of XML input containing a reference to an external entity by a weakly configured XML parser. This can lead to the disclosure of confidential data, denial of service, server-side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

Recommendations For versions prior to 8.1 RU1, update to 8.1 RU1 or later. For versions prior to 8.0 POST HF6, update to 8.0 POST HF6 or later. For versions prior to 7.6 POST HF7, update to 7.6 POST HF7 or later.