Symantec Proxysg@6.6 Security Vulnerabilities and Issues — Symantec Proxysg@6.6 CVE List

Lucene search

BroadcomSymantec Proxysg6.6

7 matches found

CVE•added 2018/05/29 1:29 p.m.•46 views

CVE-2018-5241

Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, A...

9.8CVSS9.5AI score0.09752EPSS

CVE•added 2018/01/10 2:29 a.m.•44 views

CVE-2016-10257

The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing a...

6.1CVSS6AI score0.00378EPSS

CVE•added 2019/08/30 9:15 a.m.•41 views

CVE-2018-18370

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web lis...

6.1CVSS5.9AI score0.0025EPSS

CVE•added 2019/08/30 9:15 a.m.•40 views

CVE-2018-18371

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP server ...

6.5CVSS6.4AI score0.00273EPSS

CVE•added 2017/05/11 2:30 p.m.•39 views

CVE-2016-9099

Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the ta...

6.1CVSS6.3AI score0.00312EPSS

CVE•added 2017/05/11 2:30 p.m.•37 views

CVE-2016-9097

The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only acce...

8CVSS6.9AI score0.01223EPSS

CVE•added 2018/01/10 2:29 a.m.•35 views

CVE-2016-10256

The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web clien...

6.1CVSS6.1AI score0.00378EPSS