8

CVE-2016-9097

The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BroadcomAdvanced Secure Gateway Version6.6.4.3
BroadcomAdvanced Secure Gateway Version6.6.5.1
BroadcomSymantec Proxysg Version6.5
BroadcomSymantec Proxysg Version6.5.1
BroadcomSymantec Proxysg Version6.5.2
BroadcomSymantec Proxysg Version6.5.2.10
BroadcomSymantec Proxysg Version6.5.4.1
BroadcomSymantec Proxysg Version6.5.5.7
BroadcomSymantec Proxysg Version6.5.6.1
BroadcomSymantec Proxysg Version6.5.7.6
BroadcomSymantec Proxysg Version6.5.9.2
BroadcomSymantec Proxysg Version6.5.9.8
BroadcomSymantec Proxysg Version6.5.9.10
BroadcomSymantec Proxysg Version6.5.9.14
BroadcomSymantec Proxysg Version6.6
BroadcomSymantec Proxysg Version6.6.2
BroadcomSymantec Proxysg Version6.6.2.1
BroadcomSymantec Proxysg Version6.6.2.2
BroadcomSymantec Proxysg Version6.6.3
BroadcomSymantec Proxysg Version6.6.3.2
BroadcomSymantec Proxysg Version6.6.4
BroadcomSymantec Proxysg Version6.6.4.1
BroadcomSymantec Proxysg Version6.6.4.3
BroadcomSymantec Proxysg Version6.6.5
BroadcomSymantec Proxysg Version6.7
BroadcomSymantec Proxysg Version6.7.1.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.22% 0.772
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 1.2 5.9
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 8 8 8.5
AV:N/AC:L/Au:S/C:P/I:P/A:C
http://www.securityfocus.com/bid/101530
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039701
Third Party Advisory
VDB Entry