Unrestricted file upload

2018-04-1114:29:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

JSON

Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.

CPENameOperatorVersion
advanced_secure_gatewayge6.7
advanced_secure_gatewaylt6.7.3.1
advanced_secure_gatewayge6.6
advanced_secure_gatewaylt6.6.5.14
symantec_proxysgge6.6
symantec_proxysglt6.6.5.14
symantec_proxysgge6.5
symantec_proxysglt6.5.10.8
symantec_proxysgge6.7
symantec_proxysglt6.7.3.1

Name	Operator	Version
advanced_secure_gateway	ge	6.7
advanced_secure_gateway	lt	6.7.3.1
advanced_secure_gateway	ge	6.6
advanced_secure_gateway	lt	6.6.5.14
symantec_proxysg	ge	6.6
symantec_proxysg	lt	6.6.5.14
symantec_proxysg	ge	6.5
symantec_proxysg	lt	6.5.10.8
symantec_proxysg	ge	6.7
symantec_proxysg	lt	6.7.3.1