Symantec messaging gateway
This hub aggregates every CVE we track for Symantec messaging gateway, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
3
Critical
3
High
1
In CISA KEV
Severity distribution
HIGH3MEDIUM3CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 9 most recently published vulnerabilities affecting Symantec messaging gateway.
- CVE-2024-23615Symantec Messaging Gateway Buffer Overflow10.0
- CVE-2024-23614Symantec Messaging Gateway Buffer Overflow10.0
- CVE-2021-30651A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.4.9
- CVE-2020-12595An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. T...4.9
- CVE-2020-12594A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG prior to...7.2
- CVE-2019-9699Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.4.5
- CVE-2018-12242The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security m...9.8
- CVE-2018-12243The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external enti...8.8
- CVE-2014-0160The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from proces...KEV7.5
Product normalization is registry-driven with AI assist and human review. How it works