← Voltar para CVEs
CVE-2016-9097
N/ADescricao
The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado5/11/2017
Ultima modificacao4/20/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
broadcom:advanced_secure_gatewaybroadcom:symantec_proxysg
Fraquezas (CWE)
CWE-264
Referencias
http://www.securityfocus.com/bid/101530(secure@symantec.com)
http://www.securitytracker.com/id/1039701(secure@symantec.com)
https://www.symantec.com/security-center/network-protection-security-advisories/SA146(secure@symantec.com)
http://www.securityfocus.com/bid/101530(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039701(af854a3a-2127-422b-91ae-364da2661108)
https://www.symantec.com/security-center/network-protection-security-advisories/SA146(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.