Symantec Enterprise Firewall — known CVE vulnerabilities
Every CVE whose affected-product data names Symantec Enterprise Firewall, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2004-1029 — CVSS 9.3 (critical): The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly…
CVE-2007-4422 — CVSS 9.3 (critical): The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates…
CVE-2002-1463 — CVSS 7.5 (high): Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway…
CVE-2003-0106 — CVSS 7.5 (high): The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that…
CVE-2002-0538 — CVSS 7.5 (high): FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote…
CVE-2004-0369 — CVSS 7.5 (high): Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0…
CVE-2005-3768 — CVSS 7.5 (high): Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise…
CVE-2002-0302 — CVSS 5.0 (medium): The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent…
CVE-2006-2341 — CVSS 5.0 (medium): The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote…
CVE-2002-0990 — CVSS 5.0 (medium): The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec…
CVE-2004-1754 — CVSS 5.0 (medium): The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS…
CVE-2005-0817 — CVSS 5.0 (medium): Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and…
CVE-2002-0309 — CVSS 5.0 (medium): SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol…
CVE-2002-1535 — CVSS 5.0 (medium): Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the…
CVE-2002-2294 — CVSS 5.0 (medium): Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and…