Symantec Security Response | SMNTC-1417
Oct 26, 2017 - 8:00 a.m.

SA146: Improper User Authorization in ProxySG and ASG

EPSS

0.002

Percentile

61.4%

SUMMARY

The ProxySG and ASG management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.

AFFECTED PRODUCTS

Advanced Secure Gateway (ASG)

CVE | Affected Version(s) | Remediation
CVE-2016-9097 | 6.7 | Not vulnerable, fixed in 6.7.2.1
CVE-2016-9097 | 6.6 | Upgrade to 6.6.5.8.

ProxySG

CVE | Affected Version(s) | Remediation
CVE-2016-9097 | 6.7 | Upgrade to 6.7.1.2.
CVE-2016-9097 | 6.6 | Upgrade to 6.6.5.8.
CVE-2016-9097 | 6.5 | Upgrade to 6.5.10.7.
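To turn the two remediation tables into a check that can be run over an appliance inventory, the following is an added example (not code from Symantec or the advisory). It encodes the fixed releases exactly as the tables list them, compares dotted version strings component by component, and flags records that still need an upgrade. Hostnames in the sample inventory are constructed placeholders.

```python
# Added example (not part of the Symantec advisory): checks an appliance
# version against the SA146 remediation tables for CVE-2016-9097.

# Fixed releases per product and 6.x branch, copied from the advisory tables.
# The remediation string is the advisory's own wording. Note that the advisory
# labels the ASG 6.7 branch "Not vulnerable, fixed in 6.7.2.1"; versions below
# 6.7.2.1 on that branch are flagged conservatively here.
FIXED_RELEASES = {
    ("ASG", (6, 7)): ((6, 7, 2, 1), "Not vulnerable, fixed in 6.7.2.1"),
    ("ASG", (6, 6)): ((6, 6, 5, 8), "Upgrade to 6.6.5.8."),
    ("ProxySG", (6, 7)): ((6, 7, 1, 2), "Upgrade to 6.7.1.2."),
    ("ProxySG", (6, 6)): ((6, 6, 5, 8), "Upgrade to 6.6.5.8."),
    ("ProxySG", (6, 5)): ((6, 5, 10, 7), "Upgrade to 6.5.10.7."),
}


def parse_version(text: str) -> tuple:
    """Turn '6.6.5.8' into (6, 6, 5, 8); shorter strings are zero-padded so
    that plain tuple comparison works component by component."""
    parts = [int(p) for p in text.strip().split(".")]
    if not parts or len(parts) > 4:
        raise ValueError(f"unexpected version format: {text!r}")
    return tuple(parts + [0] * (4 - len(parts)))


def check_version(product: str, version: str) -> dict:
    """Return {'vulnerable': True/False/None, 'remediation': str}.
    None means the product/branch pair is not listed in SA146 at all, which
    the advisory does not cover either way."""
    v = parse_version(version)
    entry = FIXED_RELEASES.get((product, v[:2]))
    if entry is None:
        return {"vulnerable": None, "remediation": "branch not listed in SA146"}
    fixed, text = entry
    if v >= fixed:
        return {"vulnerable": False, "remediation": "none required"}
    return {"vulnerable": True, "remediation": text}


def report(inventory: list) -> list:
    """Flag every (hostname, product, version) record that still needs an upgrade."""
    findings = []
    for host, product, version in inventory:
        result = check_version(product, version)
        if result["vulnerable"]:
            findings.append((host, product, version, result["remediation"]))
    return findings


# Constructed sample inventory; hostnames are placeholders, not real assets.
SAMPLE_INVENTORY = [
    ("proxy-01.example.test", "ProxySG", "6.5.10.6"),
    ("proxy-02.example.test", "ProxySG", "6.6.5.8"),
    ("asg-01.example.test", "ASG", "6.6.4.1"),
    ("proxy-03.example.test", "ProxySG", "6.7.1.2"),
]

if __name__ == "__main__":
    for finding in report(SAMPLE_INVENTORY):
        print("%s %s %s -> %s" % finding)
```

Branches the advisory does not list (for example a later 6.x train) come back as `None` rather than as "not vulnerable", so that an inventory script does not silently treat an uncovered release as safe.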

ADDITIONAL PRODUCT INFORMATION

The ProxySG and ASG management consoles provide a web-based interface for authenticated administrators to configure, manage, and monitor the respective appliance. Both products define separate read-only and read-write authorization levels for authenticated administrators. Read-only administrators can only view appliance settings and policy configuration, but not modify them. They can also perform limited troubleshooting tasks. Read-write administrators have full access to the appliance settings and policy configuration. They can also perform all management tasks available through the management console.
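As an added example of the two-level administrator model just described (this is illustrative code, not ProxySG or ASG code, and the action names and handlers are hypothetical), the following contrasts a dispatcher that only verifies that the caller is an authenticated administrator with one that enforces the read-only/read-write privilege centrally before any handler runs, which is the property the advisory's fix restores.

```python
# Added example (not ProxySG/ASG code): a minimal model of read-only versus
# read-write administrator authorization for a management console.
from enum import IntEnum
from dataclasses import dataclass


class Role(IntEnum):
    READ_ONLY = 1   # may view settings/policy and run limited troubleshooting
    READ_WRITE = 2  # may modify settings/policy and run all management tasks


@dataclass
class Admin:
    name: str
    role: Role


class AuthorizationError(Exception):
    pass


# Every management action is registered with the privilege it requires.
# Actions registered without one are treated as read-write (deny by default).
ACTIONS = {}


def action(name, requires=None):
    def register(fn):
        ACTIONS[name] = (requires, fn)
        return fn
    return register


@action("config.view", requires=Role.READ_ONLY)
def view_config(admin, config):
    return dict(config)


@action("config.update", requires=Role.READ_WRITE)
def update_config(admin, config, key, value):
    config[key] = value
    return config


@action("policy.install")  # hypothetical action whose privilege was never declared
def install_policy(admin, config, policy):
    config["policy"] = policy
    return config


def required_role(name):
    required, _ = ACTIONS[name]
    return Role.READ_WRITE if required is None else required


def is_authorized(admin, name):
    """True only if the administrator holds at least the action's privilege."""
    return admin is not None and admin.role >= required_role(name)


def dispatch_authenticated_only(admin, name, *args):
    """The defect class the advisory describes: any logged-in administrator,
    read-only ones included, reaches read-write functionality."""
    if admin is None:
        raise AuthorizationError("not authenticated")
    _, handler = ACTIONS[name]
    return handler(admin, *args)


def dispatch(admin, name, *args):
    """Hardened dispatcher: the privilege check is made centrally, before the
    handler runs, so no individual handler can forget it."""
    if not is_authorized(admin, name):
        who = "anonymous" if admin is None else f"{admin.name} ({admin.role.name})"
        raise AuthorizationError(f"{who} may not call {name}; needs {required_role(name).name}")
    _, handler = ACTIONS[name]
    return handler(admin, *args)


def undeclared_actions():
    """Audit helper: actions registered without an explicit privilege."""
    return sorted(name for name, (req, _) in ACTIONS.items() if req is None)


if __name__ == "__main__":
    auditor = Admin("auditor", Role.READ_ONLY)
    cfg = {"dns": "198.51.100.10"}
    print(dispatch(auditor, "config.view", cfg))
    try:
        dispatch(auditor, "config.update", cfg, "dns", "198.51.100.20")
    except AuthorizationError as err:
        print("denied:", err)
    print("undeclared:", undeclared_actions())
```

The audit helper is the piece a reviewer would run against a real console's action table: any action that reaches a handler without a declared privilege is exactly where a read-only administrator could otherwise end up with read-write effect, and defaulting undeclared actions to read-write keeps such omissions fail-closed.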

ISSUES

CVE-2016-9097

Severity / CVSSv2 | High / 8.0 (AV:N/AC:L/Au:S/C:P/I:P/A:C)
References | SecurityFocus: BID 101530 / NVD: CVE-2016-9097
Impact | Improper user authorization
Description | The ProxySG and ASG management consoles do not, under certain circumstances, correctly check the authorization of read-only administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.

ACKNOWLEDGEMENTS

Thanks to Jakub Pałaczyński and Pawel Bartunek for reporting this vulnerability.

REVISION

2017-11-25 SA status moved to Final
2017-11-09 Symantec recommends that ProxySG 6.5 customers upgrade to 6.5.10.7 or a later release to obtain the vulnerability fixes.
2017-10-26 initial public release
