Description
SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/49738
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1026130
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43157
Scores
EPSS
0.0044
EPSS Percentile
63.5%
Details
CWE
CWE-89
Status
published
Products (20)
symantec/im_manager
6.0
symantec/im_manager
6.5
symantec/im_manager
7.0
symantec/im_manager
7.5
symantec/im_manager
8.3
symantec/im_manager
8.4.0
symantec/im_manager
8.4.1
symantec/im_manager
8.4.2
symantec/im_manager
8.4.5
symantec/im_manager
8.4.6
... and 10 more
Published
Oct 02, 2011
Tracked Since
Feb 18, 2026