CVE-2018-12243 is a vulnerability in Symantec Messaging Gateway
Published on September 19, 2018
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths in the system identifier to access files that should not normally be accessible.
Products Associated with CVE-2018-12243
Want to know whenever a new CVE is published for Symantec Messaging Gateway? stack.watch will email you.
Affected Versions
Symantec Corporation Symantec Messaging Gateway Version Prior to 10.6.6 is affected by CVE-2018-12243Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.