CVE-2016-9100

CWE-2553 documents3 sources

Severity

7.8HIGH

EPSS

0.2%

top 61.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Advanced Secure Gateway Broadcom Symantec Proxysg Symantec Corporation ASG +1 more

Timeline

PublishedMay 11

Latest updateMay 13

Description

Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. An attacker with local access to the client host of an authenticated administrator user can, under certain circumstances, obtain sensitive authentication credential information.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDbroadcom/symantec_proxysg6.5 — 6.5.10.6+2

▶CVEListV5symantec_corporation/proxysg6.5 prior to 6.5.10.6, 6.6 prior to 6.6.5.13, 6.7 prior to 6.7.3.1+2

▶NVDbroadcom/advanced_secure_gateway6.6 — 6.6.5.13+1

▶CVEListV5symantec_corporation/asg6.6 prior to 6.6.5.13, 6.7 prior to 6.7.3.1+1

🔴Vulnerability Details

GHSA

GHSA-wp7p-m228-g97j: Symantec Advanced Secure Gateway (ASG) 6↗2022-05-13

▶

CVEList

CVE-2016-9100: Symantec Advanced Secure Gateway (ASG) 6↗2017-05-11

▶