CVE-2017-13678
N/A
N/A
Summary
Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Symantec Corporation | Advanced Secure Gateway (ASG) | 6.6 prior to 6.6.5.14 | affected |
| Symantec Corporation | Advanced Secure Gateway (ASG) | 6.7 prior to 6.7.4.107 | affected |
| Symantec Corporation | ProxySG | 6.5 prior to 6.5.10.8 | affected |
| Symantec Corporation | ProxySG | 6.6 prior to 6.6.5.14 | affected |
| Symantec Corporation | ProxySG | 6.7 prior to 6.7.4.107 | affected |
Weaknesses
- Stored XSS
ADP Enrichment
CVE Program Container
Additional References
- https://www.symantec.com/security-center/network-protection-security-advisories/SA162
- http://www.securityfocus.com/bid/103685
- http://www.securitytracker.com/id/1040757
References
- https://www.symantec.com/security-center/network-protection-security-advisories/SA162
- http://www.securityfocus.com/bid/103685
- http://www.securitytracker.com/id/1040757
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.