Intrusion Prevention

Symantec.Messaging.Gateway.Save.do.CSRF

Description

This indicates an attack attempt to exploit a Cross Site Request Forgery vulnerability in Symantec messaging gateway.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and create additional administrator user in the system.

Affected Products

Symantec Messaging Gateway 9.5.x

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

CVE References

CVE-2012-0308