The host is installed with Symantec Messaging Gateway 9.5.x before 10.0 and is prone to security-bypass vulnerability. A flaw is present in the application, which fails to prevent the bypass of certain security restrictions. Successful exploitation allows remote authenticated users to modify the web application by leveraging access to the management interface.