vulnerability
Symantec Messaging Gateway: CVE-2017-6327: Improper Neutralization of Special Elements used in a Command
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | Aug 11, 2017 | Aug 13, 2025 | Aug 13, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Aug 11, 2017
Added
Aug 13, 2025
Modified
Aug 13, 2025
Description
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.
Solution
symantec-messaging-gateway-upgrade-latest
References
- CVE-2017-6327
- https://attackerkb.com/topics/CVE-2017-6327
- URL-http://seclists.org/fulldisclosure/2017/Aug/28
- URL-http://www.securityfocus.com/bid/100135
- URL-https://www.exploit-db.com/exploits/42519/
- URL-https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00
- CWE-77
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.