Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-25628

An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4

Published

2022-12-16T16:15:21.650

Last Modified

2025-04-18T14:15:18.087

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses
  • Type: Primary
    CWE-611
  • Type: Secondary
    CWE-611
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application broadcom symantec_identity_governance_and_administration 14.3 Yes
Application broadcom symantec_identity_governance_and_administration 14.4 Yes
References