VYPR

Security Analytics

by Symantec

CVEs (2)

  • CVE-2021-30642CriApr 27, 2021
    risk 0.64cvss 9.8epss 0.03

    An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges.

  • CVE-2018-12241MedNov 27, 2018
    risk 0.40cvss 6.1epss 0.01

    The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users…