CVE-2016-9100

Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. An attacker with local access to the client host of an authenticated administrator user can, under certain circumstances, obtain sensitive authentication credential information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
symantecCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
VendorProductVersion
broadcomadvanced_secure_gateway
6.6 ≤
𝑥
< 6.6.5.13
broadcomadvanced_secure_gateway
6.7 ≤
𝑥
< 6.7.3.1
broadcomsymantec_proxysg
6.5 ≤
𝑥
< 6.5.10.6
broadcomsymantec_proxysg
6.6 ≤
𝑥
< 6.6.5.13
broadcomsymantec_proxysg
6.7 ≤
𝑥
< 6.7.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/102454
http://www.securitytracker.com/id/1040138
https://www.symantec.com/security-center/network-protection-security-advisories/SA155
http://www.securityfocus.com/bid/102454
http://www.securitytracker.com/id/1040138
https://www.symantec.com/security-center/network-protection-security-advisories/SA155