CVE-2016-9097
N/A
N/A
Summary
The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Symantec Corporation | Symantec Advanced Secure Gateway (ASG) and ProxySG | ASG 6.6 prior to 6.6.5.8, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, ProxySG 6.7 prior to 6.7.1.2 | affected |
Weaknesses
- Improper user authorization
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/101530
- http://www.securitytracker.com/id/1039701
- https://www.symantec.com/security-center/network-protection-security-advisories/SA146
References
- http://www.securityfocus.com/bid/101530
- http://www.securitytracker.com/id/1039701
- https://www.symantec.com/security-center/network-protection-security-advisories/SA146
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.