PT-2012-5346 · Symantec · Symantec Messaging Gateway

Published 2012-12-05 · Updated 2013-10-11 · CVE-2012-4347

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Symantec Messaging Gateway versions 9.5.x

Description: The issue concerns directory traversal vulnerabilities in the management console. These vulnerabilities allow remote authenticated users to read arbitrary files. This can be achieved by including a ".." (dot dot) sequence in specific parameters, such as the logFile parameter in a logs action to "brightmail/export" or the localBackupFileSelection parameter in an APPLIANCE restoreSource action to "brightmail/admin/restore/download.do".

Recommendations: For Symantec Messaging Gateway versions 9.5.x, consider restricting access to the management console and limiting the ability to perform logs actions or APPLIANCE restoreSource actions until a fix is available. As a temporary workaround, avoid using the logFile and localBackupFileSelection parameters in the affected API endpoints.
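The following is an added illustration of the two defensive controls that apply to this class of bug; it is not Symantec's code or its fix. `resolve_within` shows the containment check a file-serving handler needs (canonicalise after joining, then confirm the result still lies under the intended directory), and `flag_traversal_requests` shows how to pick out requests to the affected endpoints whose logFile or localBackupFileSelection parameter carries a ".." segment, including percent-encoded forms. The log directory path, the query-string layout and the sample access-log lines are all constructed assumptions; only the endpoint and parameter names come from the advisory.

```python
import os
import urllib.parse
from typing import List, Optional

# Assumed on-disk location of exported logs; the real product layout is not on the page.
LOG_DIR = "/srv/brightmail/logs"

# The two request parameters the advisory names as traversal-prone.
TRAVERSAL_PARAMS = ("logFile", "localBackupFileSelection")


def resolve_within(base_dir: str, requested: str) -> Optional[str]:
    """Mitigation: map a user-supplied file name onto base_dir and return the
    canonical path only if it still lies inside base_dir; otherwise None.

    Canonicalising *after* the join collapses '..' segments and symlinks, and the
    commonpath test (rather than a string-prefix test) prevents '/logs2/x' from
    being accepted as inside '/logs'.
    """
    if not requested or "\x00" in requested or os.path.isabs(requested):
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    try:
        inside = os.path.commonpath([base, candidate]) == base
    except ValueError:  # e.g. paths on different drives on Windows
        inside = False
    return candidate if inside else None


def _has_dotdot_segment(value: str) -> bool:
    """True if value contains a '..' path segment after peeling up to three more
    layers of percent-encoding (parse_qs already removed one) and treating
    backslashes as separators."""
    decoded = value
    for _ in range(3):
        nxt = urllib.parse.unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return ".." in decoded.replace("\\", "/").split("/")


def flag_traversal_requests(log_lines: List[str]) -> List[str]:
    """Detection: return the request URLs from combined-log-format style lines
    whose logFile / localBackupFileSelection parameter carries a '..' segment."""
    hits = []
    for line in log_lines:
        quoted = line.split('"')
        if len(quoted) < 2:
            continue  # no quoted request field; not a line we understand
        fields = quoted[1].split()  # e.g. ['GET', '/brightmail/export?...', 'HTTP/1.1']
        if len(fields) < 2:
            continue
        url = fields[1]
        params = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query,
                                       keep_blank_values=True)
        if any(_has_dotdot_segment(v)
               for name in TRAVERSAL_PARAMS
               for v in params.get(name, [])):
            hits.append(url)
    return hits


# Constructed sample access-log lines (not real Symantec logs); the query-string
# layout is an assumption built around the endpoints and parameters the advisory names.
SAMPLE_LOG = [
    '10.0.0.5 - admin [05/Dec/2012:10:00:01 +0000] "GET /brightmail/export?action=logs&logFile=maillog HTTP/1.1" 200 5120',
    '10.0.0.5 - admin [05/Dec/2012:10:00:07 +0000] "GET /brightmail/export?action=logs&logFile=../../../../etc/passwd HTTP/1.1" 200 1840',
    '10.0.0.9 - admin [05/Dec/2012:10:01:13 +0000] "GET /brightmail/admin/restore/download.do?restoreSource=APPLIANCE&localBackupFileSelection=..%2F..%2Fetc%2Fshadow HTTP/1.1" 200 700',
    '10.0.0.9 - admin [05/Dec/2012:10:02:00 +0000] "GET /brightmail/admin/restore/download.do?restoreSource=APPLIANCE&localBackupFileSelection=backup-2012-12-01.tar.gz HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for url in flag_traversal_requests(SAMPLE_LOG):
        print("traversal attempt:", url)
    print(resolve_within(LOG_DIR, "maillog"))                    # served
    print(resolve_within(LOG_DIR, "../../../../etc/passwd"))     # None, rejected
```

The detection half is a compensating control for the interim period the Recommendations describe: it does not stop the read, but it lets operators see which authenticated console users are probing the two affected actions. The containment check is what the handler itself should do; note that it rejects on the resolved path, so a value that encodes ".." in any way the operating system would honour is caught, not just the literal dot-dot string.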

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2012-4347

Affected Products: Symantec Messaging Gateway