Secure Web Gateway Security Vulnerabilities and Issues — Secure Web Gateway CVE List

SkyhighsecuritySecure Web Gateway

3 matches found

CVE•added 2023/09/13 6:53 a.m.•2490 views

CVE-2023-4400

Skyhigh Secure Web Gateway (SWG) is affected: versions 11.x prior to 11.2.14, 10.x prior to 10.2.25, and 12.x prior to 12.2.1 contain a password-management issue where authentication information stored in configuration files can be extracted via the SWG REST API because passwords are stored in pl...

6.5CVSS6.5AI score0.003EPSS

CVE•added 2022/07/27 9:20 a.m.•58 views

CVE-2022-2310

CVE-2022-2310 affects Skyhigh SWG. An authentication bypass allows remote login to the admin UI due to improper whitelisting of bypass methods and a weak crypto password. Affected versions include Skyhigh SWG 8.x–8.2.27, 9.x–9.2.22, 10.x–10.2.11, and 11.x–11.2.0. Remediation: upgrade to 8.2.28+, ...

10CVSS9.6AI score0.01014EPSS

CVE•added 2024/07/15 8:52 a.m.•55 views

CVE-2024-6398

Trellix Secure Web Gateway (SWG) has an information disclosure vulnerability (CVE-2024-6398) affecting SWG 11.x before 11.2.24 and 12.x before 12.2.10. The issue arises from a browser Same Origin Policy bypass that can cause data on customizable block pages to be disclosed to third-party websites...

5.3CVSS6.3AI score0.00329EPSS