CVE-2021-30648

The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
symantecCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
broadcomsymantec_proxysg
6.5 ≤
𝑥
< 6.5.10.16
broadcomsymantec_proxysg
6.6 ≤
𝑥
< 6.6.5.19
broadcomsymantec_proxysg
6.7 ≤
𝑥
< 6.7.5.12
broadcomsymantec_proxysg
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_proxysg
7.3 ≤
𝑥
< 7.3.3.3
broadcomsymantec_advanced_secure_gateway_s200-30_firmware
6.6 ≤
𝑥
< 6.7.4.17
broadcomsymantec_advanced_secure_gateway_s200-30_firmware
6.7.5.0 ≤
𝑥
< 6.7.5.12
broadcomsymantec_advanced_secure_gateway_s200-30_firmware
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_advanced_secure_gateway_s200-30_firmware
7.3 ≤
𝑥
< 7.3.3.3
broadcomsymantec_advanced_secure_gateway_s200-40_firmware
6.6 ≤
𝑥
< 6.7.4.17
broadcomsymantec_advanced_secure_gateway_s200-40_firmware
6.7.5.0 ≤
𝑥
< 6.7.5.12
broadcomsymantec_advanced_secure_gateway_s200-40_firmware
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_advanced_secure_gateway_s200-40_firmware
7.3 ≤
𝑥
< 7.3.3.3
broadcomsymantec_advanced_secure_gateway_s400-20_firmware
6.6 ≤
𝑥
< 6.7.4.17
broadcomsymantec_advanced_secure_gateway_s400-20_firmware
6.7.5.0 ≤
𝑥
< 6.7.5.12
broadcomsymantec_advanced_secure_gateway_s400-20_firmware
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_advanced_secure_gateway_s400-20_firmware
7.3 ≤
𝑥
< 7.3.3.3
broadcomsymantec_advanced_secure_gateway_s400-30_firmware
6.6 ≤
𝑥
< 6.7.4.17
broadcomsymantec_advanced_secure_gateway_s400-30_firmware
6.7.5.0 ≤
𝑥
< 6.7.5.12
broadcomsymantec_advanced_secure_gateway_s400-30_firmware
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_advanced_secure_gateway_s400-30_firmware
7.3 ≤
𝑥
< 7.3.3.3
broadcomsymantec_advanced_secure_gateway_s400-40_firmware
6.6 ≤
𝑥
< 6.7.4.17
broadcomsymantec_advanced_secure_gateway_s400-40_firmware
6.7.5.0 ≤
𝑥
< 6.7.5.12
broadcomsymantec_advanced_secure_gateway_s400-40_firmware
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_advanced_secure_gateway_s400-40_firmware
7.3 ≤
𝑥
< 7.3.3.3
broadcomsymantec_advanced_secure_gateway_500-10_firmware
6.6 ≤
𝑥
< 6.7.4.17
broadcomsymantec_advanced_secure_gateway_500-10_firmware
6.7.5.0 ≤
𝑥
< 6.7.5.12
broadcomsymantec_advanced_secure_gateway_500-10_firmware
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_advanced_secure_gateway_500-10_firmware
7.3 ≤
𝑥
< 7.3.3.3
broadcomsymantec_advanced_secure_gateway_s500-20_firmware
6.6 ≤
𝑥
< 6.7.4.17
broadcomsymantec_advanced_secure_gateway_s500-20_firmware
6.7.5.0 ≤
𝑥
< 6.7.5.12
broadcomsymantec_advanced_secure_gateway_s500-20_firmware
7.2 ≤
𝑥
< 7.2.7.2
broadcomsymantec_advanced_secure_gateway_s500-20_firmware
7.3 ≤
𝑥
< 7.3.3.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331
https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331