← Back to CVEs
CVE-2016-9097
N/ADescription
The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.
CVE Details
CVSS v3.1 ScoreN/A
Published5/11/2017
Last Modified4/20/2025
Sourcenvd
Honeypot Sightings0
Affected Products
broadcom:advanced_secure_gatewaybroadcom:symantec_proxysg
Weaknesses (CWE)
CWE-264
References
http://www.securityfocus.com/bid/101530(secure@symantec.com)
http://www.securitytracker.com/id/1039701(secure@symantec.com)
https://www.symantec.com/security-center/network-protection-security-advisories/SA146(secure@symantec.com)
http://www.securityfocus.com/bid/101530(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039701(af854a3a-2127-422b-91ae-364da2661108)
https://www.symantec.com/security-center/network-protection-security-advisories/SA146(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.