CVE-2016-9097
EUVD-2016-991811.05.2017, 14:30
The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| broadcom | advanced_secure_gateway | 6.6 |
| broadcom | advanced_secure_gateway | 6.6.3 |
| broadcom | advanced_secure_gateway | 6.6.4 |
| broadcom | advanced_secure_gateway | 6.6.4.3 |
| broadcom | advanced_secure_gateway | 6.6.5.1 |
| broadcom | symantec_proxysg | 6.5 |
| broadcom | symantec_proxysg | 6.5.1 |
| broadcom | symantec_proxysg | 6.5.2 |
| broadcom | symantec_proxysg | 6.5.2.10 |
| broadcom | symantec_proxysg | 6.5.4.1 |
| broadcom | symantec_proxysg | 6.5.5.7 |
| broadcom | symantec_proxysg | 6.5.6.1 |
| broadcom | symantec_proxysg | 6.5.7.6 |
| broadcom | symantec_proxysg | 6.5.9.2 |
| broadcom | symantec_proxysg | 6.5.9.8 |
| broadcom | symantec_proxysg | 6.5.9.10 |
| broadcom | symantec_proxysg | 6.5.9.14 |
| broadcom | symantec_proxysg | 6.6 |
| broadcom | symantec_proxysg | 6.6.2 |
| broadcom | symantec_proxysg | 6.6.2.1 |
| broadcom | symantec_proxysg | 6.6.2.2 |
| broadcom | symantec_proxysg | 6.6.3 |
| broadcom | symantec_proxysg | 6.6.3.2 |
| broadcom | symantec_proxysg | 6.6.4 |
| broadcom | symantec_proxysg | 6.6.4.1 |
| broadcom | symantec_proxysg | 6.6.4.3 |
| broadcom | symantec_proxysg | 6.6.5 |
| broadcom | symantec_proxysg | 6.7 |
| broadcom | symantec_proxysg | 6.7.1.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References