Filtered by vendor Broadcom
Subscriptions
Filtered by product Symantec Privileged Access Management
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38493 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI. | ||||
| CVE-2024-36456 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-11-21 | N/A |
| This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file. | ||||
| CVE-2024-36455 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-11-21 | N/A |
| An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request. | ||||
| CVE-2022-25625 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-11-21 | 8.8 High |
| A malicious unauthorized PAM user can access the administration configuration data and change the values. | ||||
Page 1 of 1.