Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSymantecCVELIST:CVE-2016-9097
HistoryMay 11, 2017 - 2:01 p.m.

CVE-2016-9097

2017-05-1114:01:00
symantec
www.cve.org
3

EPSS

0.002

Percentile

61.4%

JSON

The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.

CNA Affected

[
  {
    "product": "Symantec Advanced Secure Gateway (ASG) and ProxySG",
    "vendor": "Symantec Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "ASG 6.6 prior to 6.6.5.8, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, ProxySG 6.7 prior to 6.7.1.2"
      }
    ]
  }
]

Related

nvd 1
cve 1
prion 1
nessus 1
symantec 1
nvd
nvd
CVE-2016-9097
2017-05-11 14:30:16
cve
cve
CVE-2016-9097
2017-05-11 14:30:16
prion
prion
Design/Logic Flaw
2017-05-11 14:30:00
nessus
nessus
Symantec (Blue Coat) ProxySG 6.5.x < 6.5.10.6 / 6.6.x < 6.6.5.8 / 6.7.x < 6.7.1.2 Impromper User Authorization Vulnerability
2017-11-03 00:00:00
symantec
symantec
SA146: Improper User Authorization in ProxySG and ASG
2017-10-26 08:00:00

EPSS

0.002

Percentile

61.4%

JSON
Related for CVELIST:CVE-2016-9097
nvd1cve1prion1nessus1symantec1