CVE-2013-1615

EUVD-2013-1650
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.9 UNKNOWN
ADJACENT_NETWORK
MEDIUM
AV:A/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
symantecsecurity_information_manager
4.7.0
symantecsecurity_information_manager
4.7.1
symantecsecurity_information_manager
4.7.2
symantecsecurity_information_manager
4.7.3
symantecsecurity_information_manager
4.7.4
symantecsecurity_information_manager
4.8.0
symantecsecurity_information_manager_appliance
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/60798
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00
http://www.securityfocus.com/bid/60798
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00