CVE-2017-13677

3 documents3 sources

Severity

7.5HIGH

EPSS

7.2%

top 8.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Advanced Secure Gateway Broadcom Symantec Proxysg Symantec Corporation Advanced Secure Gateway (asg)+1 more

Timeline

PublishedApr 11

Latest updateMay 13

Description

Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5symantec_corporation/advanced_secure_gateway_(asg)6.6 prior to 6.6.5.14, 6.7 prior to 6.7.3.1+1

▶NVDbroadcom/advanced_secure_gateway6.6 — 6.6.5.14+1

▶NVDbroadcom/symantec_proxysg6.5 — 6.5.10.8+2

▶CVEListV5symantec_corporation/proxysg6.5 prior to 6.5.10.8, 6.6 prior to 6.6.5.14, 6.7 prior to 6.7.3.1+2

🔴Vulnerability Details

GHSA

GHSA-jv68-f9mv-qwp2: Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles↗2022-05-13

▶

CVEList

CVE-2017-13677: Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles↗2018-04-11

▶