QwikSec

Security Database

CVE

CWE

Training

CVE-2016-9092

Published: May 11, 2017

Modified: Sep 17, 2024

PUBLISHED

Description

The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user.

Vendor	Product	Versions
Symantec Corporation	Content Analysis (CA)	affected `1.3` affected `2.x prior to 2.2.1.1`
Symantec Corporation	Mail Threat Defense (MTD)	affected `1.1`

References

vdb-entry

x_refsource_BID

https://www.symantec.com/security-center/network-protection-security-advisories/SA149

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.