Symantec Identity Manager 14.4 Remote Cmd Exec via Phys Access to Mgt Console
CVE-2022-25627 Published on December 16, 2022
An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4
Vulnerability Analysis
CVE-2022-25627 can be exploited with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2022-25627 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2022-25627
Want to know whenever a new CVE is published for Broadcom Symantec Identity Governance Administration? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.