CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-30648

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0500%
EPSS Percentile24.32th
Published2021年6月30日
Last Modified2024年11月21日

Vulnerability Description

The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.

Affected Platforms (CPE)

📦
Broadcom

Symantec Proxysg

>= 6.5 and < 6.5.10.16
📦
Broadcom

Symantec Proxysg

>= 6.6 and < 6.6.5.19
📦
Broadcom

Symantec Proxysg

>= 6.7 and < 6.7.5.12
📦
Broadcom

Symantec Proxysg

>= 7.2 and < 7.2.7.2
📦
Broadcom

Symantec Proxysg

>= 7.3 and < 7.3.3.3
💻
Broadcom

Symantec Advanced Secure Gateway S200 30 Firmware

>= 6.6 and < 6.7.4.17
💻
Broadcom

Symantec Advanced Secure Gateway S200 30 Firmware

>= 6.7.5.0 and < 6.7.5.12
💻
Broadcom

Symantec Advanced Secure Gateway S200 30 Firmware

>= 7.2 and < 7.2.7.2
💻
Broadcom

Symantec Advanced Secure Gateway S200 30 Firmware

>= 7.3 and < 7.3.3.3
💻
Broadcom

Symantec Advanced Secure Gateway S200 40 Firmware

>= 6.6 and < 6.7.4.17
💻
Broadcom

Symantec Advanced Secure Gateway S200 40 Firmware

>= 6.7.5.0 and < 6.7.5.12
💻
Broadcom

Symantec Advanced Secure Gateway S200 40 Firmware

>= 7.2 and < 7.2.7.2
💻
Broadcom

Symantec Advanced Secure Gateway S200 40 Firmware

>= 7.3 and < 7.3.3.3
💻
Broadcom

Symantec Advanced Secure Gateway S400 20 Firmware

>= 6.6 and < 6.7.4.17
💻
Broadcom

Symantec Advanced Secure Gateway S400 20 Firmware

>= 6.7.5.0 and < 6.7.5.12
💻
Broadcom

Symantec Advanced Secure Gateway S400 20 Firmware

>= 7.2 and < 7.2.7.2
💻
Broadcom

Symantec Advanced Secure Gateway S400 20 Firmware

>= 7.3 and < 7.3.3.3
💻
Broadcom

Symantec Advanced Secure Gateway S400 30 Firmware

>= 6.6 and < 6.7.4.17
💻
Broadcom

Symantec Advanced Secure Gateway S400 30 Firmware

>= 6.7.5.0 and < 6.7.5.12
💻
Broadcom

Symantec Advanced Secure Gateway S400 30 Firmware

>= 7.2 and < 7.2.7.2
💻
Broadcom

Symantec Advanced Secure Gateway S400 30 Firmware

>= 7.3 and < 7.3.3.3
💻
Broadcom

Symantec Advanced Secure Gateway S400 40 Firmware

>= 6.6 and < 6.7.4.17
💻
Broadcom

Symantec Advanced Secure Gateway S400 40 Firmware

>= 6.7.5.0 and < 6.7.5.12
💻
Broadcom

Symantec Advanced Secure Gateway S400 40 Firmware

>= 7.2 and < 7.2.7.2
💻
Broadcom

Symantec Advanced Secure Gateway S400 40 Firmware

>= 7.3 and < 7.3.3.3
💻
Broadcom

Symantec Advanced Secure Gateway 500 10 Firmware

>= 6.6 and < 6.7.4.17
💻
Broadcom

Symantec Advanced Secure Gateway 500 10 Firmware

>= 6.7.5.0 and < 6.7.5.12
💻
Broadcom

Symantec Advanced Secure Gateway 500 10 Firmware

>= 7.2 and < 7.2.7.2
💻
Broadcom

Symantec Advanced Secure Gateway 500 10 Firmware

>= 7.3 and < 7.3.3.3
💻
Broadcom

Symantec Advanced Secure Gateway S500 20 Firmware

>= 6.6 and < 6.7.4.17
💻
Broadcom

Symantec Advanced Secure Gateway S500 20 Firmware

>= 6.7.5.0 and < 6.7.5.12
💻
Broadcom

Symantec Advanced Secure Gateway S500 20 Firmware

>= 7.2 and < 7.2.7.2
💻
Broadcom

Symantec Advanced Secure Gateway S500 20 Firmware

>= 7.3 and < 7.3.3.3

References & Advisories

🔗 https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331
🔗 https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331

関連する脆弱性情報

CVE-2018-52419.8

Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass ...

CVE-2021-468259.1

Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated ...

CVE-2016-91007.8

Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6...

CVE-2017-136777.5

Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote atta...