Symantec Liveupdate Administrator — known CVE vulnerabilities
Every CVE whose affected-product data names Symantec Liveupdate Administrator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2014-1644 — CVSS 7.5 (high): The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110…
CVE-2014-1645 — CVSS 7.5 (high): SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows…
CVE-2012-0304 — CVSS 6.9 (medium): Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows…
CVE-2011-0545 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers…
CVE-2011-1524 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows…