CVE-2013-1615

Symantec Security Information Manager 4.7.x-4.8.x - Exposure of Sensitive Information via Web-GUI API Calls

Title source: llm

Description

The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/60798

Scores

EPSS 0.0011

EPSS Percentile 29.6%

Details

CWE

CWE-200

Status published

Products (7)

symantec/security_information_manager 4.7.0

symantec/security_information_manager 4.7.1

symantec/security_information_manager 4.7.2

symantec/security_information_manager 4.7.3

symantec/security_information_manager 4.7.4

symantec/security_information_manager 4.8.0

symantec/security_information_manager_appliance

Published Jul 08, 2013

Tracked Since Feb 18, 2026