CVE-2015-5690 Information

Description

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a \redirect.\

Reference

http://www.securityfocus.com/bid/76725 http://www.securitytracker.com/id/1033625 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00 http://www.zerodayinitiative.com/advisories/ZDI-15-444/