The host is installed with Symantec IM Manager before 8.4.17 and is prone to SQL injection vulnerability. A flaw is present in the application which fails to sufficiently validate user-supplied data before using it in an SQL query. Successful exploitation allows remote attackers to execute arbitrary SQL commands.