CVEブラウザに戻る

CVE-2016-9100

HIGH

7.8

CVSS Severity Score

EPSS Score0.0890%

EPSS Percentile14.11th

Published2017年5月11日

Last Modified2026年5月13日

Vulnerability Description

Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. An attacker with local access to the client host of an authenticated administrator user can, under certain circumstances, obtain sensitive authentication credential information.

Affected Platforms (CPE)

📦

Broadcom

Advanced Secure Gateway

>= 6.6 and < 6.6.5.13

📦

Broadcom

Advanced Secure Gateway

>= 6.7 and < 6.7.3.1

📦

Broadcom

Symantec Proxysg

>= 6.5 and < 6.5.10.6

📦

Broadcom

Symantec Proxysg

>= 6.6 and < 6.6.5.13

📦

Broadcom

Symantec Proxysg

>= 6.7 and < 6.7.3.1

References & Advisories

🔗 http://www.securityfocus.com/bid/102454

🔗 http://www.securitytracker.com/id/1040138

🔗 https://www.symantec.com/security-center/network-protection-security-advisories/SA155

🔗 http://www.securityfocus.com/bid/102454

🔗 http://www.securitytracker.com/id/1040138

🔗 https://www.symantec.com/security-center/network-protection-security-advisories/SA155

関連する脆弱性情報

CVE-2016-36459.8

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Da...

CVE-2018-52419.8

Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass ...

CVE-2021-306489.8

The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnera...

CVE-2021-468259.1

Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated ...