CVE-2016-9099
N/A
N/A
Summary
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Symantec Corporation | ASG | 6.6 | affected |
| Symantec Corporation | ASG | 6.7 prior to 6.7.2.1 | affected |
| Symantec Corporation | ProxySG | 6.5 prior to 6.5.10.6 | affected |
| Symantec Corporation | ProxySG | 6.6 | affected |
| Symantec Corporation | ProxySG | 6.7 prior to 6.7.2.1 | affected |
Weaknesses
- Open redirection
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/102455
- http://www.securitytracker.com/id/1040138
- https://www.symantec.com/security-center/network-protection-security-advisories/SA155
References
- http://www.securityfocus.com/bid/102455
- http://www.securitytracker.com/id/1040138
- https://www.symantec.com/security-center/network-protection-security-advisories/SA155
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.