Skip to main content

Liveupdate Administrator

3 CVEs product

Monthly

CVE-2014-1645 HIGH PATCH This Week

SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Liveupdate Administrator
NVD VulDB
CVSS 2.0
7.5
EPSS
0.5%
CVE-2014-1644 HIGH PATCH This Week

The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to reset arbitrary passwords by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Liveupdate Administrator
NVD VulDB
CVSS 2.0
7.5
EPSS
0.9%
CVE-2012-0304 MEDIUM This Month

Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Liveupdate Administrator
NVD
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Liveupdate Administrator
NVD VulDB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to reset arbitrary passwords by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Liveupdate Administrator
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM This Month

Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Liveupdate Administrator
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy