Arbitrary Command Execution via Redirect in Symantec Web Gateway Management Console
CVE-2015-5690 · HIGH Severity
AV:N/AC:M/AU:S/C:C/I:C/A:C
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect."
Learn more about our Web App Pen Testing.