← Back

CVE-2013-4671

nvd nist
Published: Aug 1, 2013Modified: Apr 29, 2026

JSON object

Loading...
6.0
Vector
AV:N/AC:M/Au:S/C:P/I:P/A:P
Exploitability: 6.8 / Impact: 6.4
Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

Affected (8)

Symantec
3 products
Web Gateway
Web Gateway Appliance 8450
Web Gateway Appliance 8490
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Symantec
Web Gateway
Up to 5.1
Web Gateway
Version 5.0.1
Web Gateway
Version 5.0.2
Web Gateway
Version 5.0.3.18
Web Gateway
Version 5.0.3
Web Gateway
Version 5.0
Web Gateway Appliance 8450
All versions
Web Gateway Appliance 8490
All versions

Related CWEs

CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (10)

Source: secure@symantec.com
Source: secure@symantec.com
Source: secure@symantec.com
Source: secure@symantec.com
Source: secure@symantec.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.