CVE-2019-18375

Summary

The ASG and ProxySG management consoles are susceptible to a session hijacking vulnerability. A remote attacker, with access to the appliance management interface, can hijack the session of a currently logged-in user and access the management console.

Affected Software

VendorProductVersion RangeStatus
n/aSymantec Advanced Secure Gateway (ASG) and ProxySGASG 6.7.4 prior to 6.7.4.10, ASG 7.x prior to 7.2.0.1, ProxySG 6.7.4 prior to 6.7.4.10, ProxySG 7.x prior to 7.2.0.1affected

Weaknesses

  • Session hijacking

ADP Enrichment

CVE Program Container

Additional References

References