Symantec Web Gateway Management Console Remote Code Execution Exploit

The Symantec Web Gateway Management Console before 5.2.5 allows some specially crafted entries to update the whitelist without validation. A lower-privileged but authorized management console user can bypass the whitelist validation using a specifically-modified script to create an unauthorized whitelist entry. This whitelist entry could potentially be leveraged in further malicious attempts against the network.
Vulnerabilty ID: 
Product Version: 
Released Date: 
Sunday, October 30, 2016 - 19:00