CVE-2011-0549 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2011-0549

SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter.

Published: Jul 11, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0549
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
symantec / web_gateway	4.5.2.72	4.5.2.72.x
symantec / web_gateway	4.5	4.5.x
symantec / web_gateway	4.5.1.44	4.5.1.44.x
symantec / web_gateway	4.5.2.65	4.5.2.65.x
symantec / web_gateway	4.5.2.37	4.5.2.37.x
symantec / web_gateway	4.5.4.9	4.5.4.9.x
symantec / web_gateway	4.5.3.38	4.5.3.38.x
symantec / web_gateway	4.5.0.326	4.5.0.326.x
symantec / web_gateway	4.5.1.34	4.5.1.34.x