CVE-2022-25627

An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
symantecCNA
---
---
CVEADP
---
---
CISA-ADPADP
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
broadcomsymantec_identity_governance_and_administration
14.3
broadcomsymantec_identity_governance_and_administration
14.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.broadcom.com/external/content/SecurityAdvisories/0/21136
https://support.broadcom.com/external/content/SecurityAdvisories/0/21136