{"vuid":"VU#719172","idnumber":"719172","name":"Symantec Web Gateway contains SQL injection and cross-site scripting vulnerabilities","keywords":["symantec","web","gateway","sqli","sql","xss","cross","site","scripting","cwe-79","cwe-89"],"overview":"Symantec Web Gateway 5.1.1.24, and possibly earlier versions, contains cross-site scripting and SQL injection vulnerabilities.","clean_desc":"CVE-2014-1652 - CWE-79: Improper Neutralization of Input During Web Page Generation\nSymantec Web Gateway 5.1.1.24, and possibly earlier versions, contains a cross-site scripting vulnerability in the filter_date_period, variable and operator parameters of the /spywall/entSummary.php, /spywall/custom_report.php, /spywall/host_spy_report.php and /spywall/repairedclients.php pages. CVE-2014-1651 - CWE-89: Improper Neutralization of Special Elements used in an SQL Command\nSymantec Web Gateway 5.1.1.24, and possibly earlier versions, contains a SQL injection vulnerability in the hostname parameter of the clientreport.php page. Additional details may be found in Symantec security advisory SYM14-010. The CVSS score below is for CVE-2014-1651.","impact":"A remote unauthenticated attacker may be able to inject arbitrary script or SQL commands.","resolution":"Apply an Update Symantec Web Gateway users should upgrade to 5.2.1 or later. Users can click “Check for Updates” on the Administration->Updates page to receive the fixed version. If you are unable to upgrade, please consider the following workaround.","workarounds":"Restrict Access As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent XSS or SQLi attacks since the attack comes as a request from a legitimate user's host. Restricting access would prevent an attacker from accessing the web interface using stolen credentials from a blocked network location.","sysaffected":"","thanks":"Thanks to Min1214 of INFOSEC Inc. working through KrCERT/CC for reporting these vulnerabilities.","author":"This document was written by Jared Allar.","public":["h","t","t","p",":","/","/","w","w","w",".","s","y","m","a","n","t","e","c",".","c","o","m","/","s","e","c","u","r","i","t","y","_","r","e","s","p","o","n","s","e","/","s","e","c","u","r","i","t","y","u","p","d","a","t","e","s","/","d","e","t","a","i","l",".","j","s","p","?","f","i","d","=","s","e","c","u","r","i","t","%","2","0","y","_","a","d","v","i","s","o","r","y","&","p","v","i","d","=","s","e","c","u","r","i","t","y","_","a","d","v","i","s","o","r","y","&","y","e","a","r","=","&","s","u","i","d","=","2","0","1","4","0","6","1","6","_","0","0"],"cveids":["CVE-2014-1652","CVE-2014-1651"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2014-02-19T19:38:25Z","publicdate":"2014-06-16T00:00:00Z","datefirstpublished":"2014-06-17T15:37:17Z","dateupdated":"2014-06-17T15:37:17Z","revision":13,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"A","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"P","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"LM","cvss_targetdistribution":"M","cvss_securityrequirementscr":"M","cvss_securityrequirementsir":"M","cvss_securityrequirementsar":"L","cvss_basescore":"4.8","cvss_basevector":"AV:A/AC:L/Au:N/C:P/I:P/A:N","cvss_temporalscore":"4.2","cvss_environmentalscore":"4.42332446616306","cvss_environmentalvector":"CDP:LM/TD:M/CR:M/IR:M/AR:L","metric":0.0,"vulnote":null}