ID

VAR-201509-0146


CVE

CVE-2015-5690


TITLE

Vulnerability in the management console running on Symantec Web Gateway appliance software that allows access restrictions to be bypassed

Trust: 0.8

sources: JVNDB: JVNDB-2015-004897

DESCRIPTION

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect." Authentication is not required to exploit this vulnerability. The specific flaw exists within the path processing for command URLs accessed through the management port of the gateway. A crafted URL can cause the Web Gateway to execute a command that should not be available externally. An attacker can exploit this vulnerability to execute arbitrary commands under the context of root. Symantec Web Gateway (SWG) is a set of network content filtering software developed by Symantec Corporation of the United States. The software provides web content filtering, data loss prevention, and more. A security vulnerability exists in the management console in SWG appliances using software versions earlier than 5.2.2 DB 5.0.0.1277.

Trust: 2.61

sources: NVD: CVE-2015-5690 // JVNDB: JVNDB-2015-004897 // ZDI: ZDI-15-444 // BID: 76725 // VULHUB: VHN-83651

AFFECTED PRODUCTS

vendor: symantec, model: web gateway, scope: lte, version: 5.2.2

Trust: 1.0

vendor: symantec, model: web gateway, scope: lt, version: 5.2.2 db 5.0.0.1277

Trust: 0.8

vendor: symantec, model: web gateway, scope: -, version: -

Trust: 0.7

vendor: symantec, model: web gateway, scope: eq, version: 5.2.2

Trust: 0.6

vendor: symantec, model: web gateway, scope: eq, version: 5.0.3

Trust: 0.3

vendor: symantec, model: web gateway, scope: eq, version: 5.0.1

Trust: 0.3

vendor: symantec, model: web gateway, scope: eq, version: 5.0

Trust: 0.3

vendor: symantec, model: web gateway, scope: eq, version: 4.5.0.376

Trust: 0.3

vendor: symantec, model: web gateway, scope: eq, version: 4.5

Trust: 0.3

sources: ZDI: ZDI-15-444 // BID: 76725 // JVNDB: JVNDB-2015-004897 // CNNVD: CNNVD-201509-254 // NVD: CVE-2015-5690

CVSS

SEVERITY

nvd@nist.gov: CVE-2015-5690
value: HIGH

Trust: 1.0

NVD: CVE-2015-5690
value: HIGH

Trust: 0.8

ZDI: CVE-2015-5690
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201509-254
value: HIGH

Trust: 0.6

VULHUB: VHN-83651
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2015-5690
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2015-5690
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-83651
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: ZDI: ZDI-15-444 // VULHUB: VHN-83651 // JVNDB: JVNDB-2015-004897 // CNNVD: CNNVD-201509-254 // NVD: CVE-2015-5690

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VHN-83651 // JVNDB: JVNDB-2015-004897 // NVD: CVE-2015-5690

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201509-254

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-201509-254

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004897

PATCH

title: SYM15-009, url: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

Trust: 1.5

sources: ZDI: ZDI-15-444 // JVNDB: JVNDB-2015-004897

EXTERNAL IDS

db: NVD, id: CVE-2015-5690

Trust: 3.5

db: ZDI, id: ZDI-15-444

Trust: 2.7

db: BID, id: 76725

Trust: 2.0

db: SECTRACK, id: 1033625

Trust: 1.1

db: JVNDB, id: JVNDB-2015-004897

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-3057

Trust: 0.7

db: CNNVD, id: CNNVD-201509-254

Trust: 0.7

db: VULHUB, id: VHN-83651

Trust: 0.1

sources: ZDI: ZDI-15-444 // VULHUB: VHN-83651 // BID: 76725 // JVNDB: JVNDB-2015-004897 // CNNVD: CNNVD-201509-254 // NVD: CVE-2015-5690

REFERENCES

url: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

Trust: 2.6

url: http://www.zerodayinitiative.com/advisories/zdi-15-444/

Trust: 2.0

url: http://www.securityfocus.com/bid/76725

Trust: 1.7

url: http://www.securitytracker.com/id/1033625

Trust: 1.1

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5690

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5690

Trust: 0.8

url: http://www.symantec.com

Trust: 0.3

url: http://www.symantec.com/business/web-gateway

Trust: 0.3

url: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00

Trust: 0.1

sources: ZDI: ZDI-15-444 // VULHUB: VHN-83651 // BID: 76725 // JVNDB: JVNDB-2015-004897 // CNNVD: CNNVD-201509-254 // NVD: CVE-2015-5690

CREDITS

Anonymous working with HP's Zero Day Initiative.

Trust: 0.9

sources: BID: 76725 // CNNVD: CNNVD-201509-254

SOURCES

db: ZDI, id: ZDI-15-444
db: VULHUB, id: VHN-83651
db: BID, id: 76725
db: JVNDB, id: JVNDB-2015-004897
db: CNNVD, id: CNNVD-201509-254
db: NVD, id: CVE-2015-5690

LAST UPDATE DATE

2025-04-13T23:09:47.181000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-15-444, date: 2015-09-16T00:00:00
db: VULHUB, id: VHN-83651, date: 2016-12-22T00:00:00
db: BID, id: 76725, date: 2015-11-03T19:14:00
db: JVNDB, id: JVNDB-2015-004897, date: 2015-09-29T00:00:00
db: CNNVD, id: CNNVD-201509-254, date: 2015-09-25T00:00:00
db: NVD, id: CVE-2015-5690, date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: ZDI, id: ZDI-15-444, date: 2015-09-16T00:00:00
db: VULHUB, id: VHN-83651, date: 2015-09-20T00:00:00
db: BID, id: 76725, date: 2015-09-16T00:00:00
db: JVNDB, id: JVNDB-2015-004897, date: 2015-09-29T00:00:00
db: CNNVD, id: CNNVD-201509-254, date: 2015-09-18T00:00:00
db: NVD, id: CVE-2015-5690, date: 2015-09-20T20:59:05.257