PT-2013-3278 · Symantec · Symantec Security Information Manager

Published

2013-07-08

Updated

2013-07-08

CVE-2013-1615

CVSS v2.0

2.9

Low

Vector

AV:A/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Symantec Security Information Manager appliance versions 4.7.x through 4.8.x

Description The management console on the Symantec Security Information Manager appliance allows remote attackers to obtain sensitive information via unspecified web-GUI API calls.

Recommendations For versions 4.7.x through 4.8.x, update to version 4.8.1 or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2013-1615

Affected Products

Symantec Security Information Manager

PT-2013-3278 · Symantec · Symantec Security Information Manager

CVE-2013-1615

Weakness Enumeration

Related Identifiers

Affected Products

References · 3