PT-2017-9954 · Symantec · Symantec Advanced Secure Gateway+1
Publicado
2017-05-11
·
Atualizado
2021-07-08
·
CVE-2016-9100
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Symantec Advanced Secure Gateway (ASG) versions 6.6 prior to 6.6.5.13
Symantec Advanced Secure Gateway (ASG) versions 6.7 prior to 6.7.3.1
ProxySG versions 6.5 prior to 6.5.10.6
ProxySG versions 6.6 prior to 6.6.5.13
ProxySG versions 6.7 prior to 6.7.3.1
Description
The issue allows an attacker with local access to the client host of an authenticated administrator user to obtain sensitive authentication credential information under certain circumstances.
Recommendations
For Symantec Advanced Secure Gateway (ASG) versions 6.6 prior to 6.6.5.13, update to version 6.6.5.13 or later.
For Symantec Advanced Secure Gateway (ASG) versions 6.7 prior to 6.7.3.1, update to version 6.7.3.1 or later.
For ProxySG versions 6.5 prior to 6.5.10.6, update to version 6.5.10.6 or later.
For ProxySG versions 6.6 prior to 6.6.5.13, update to version 6.6.5.13 or later.
For ProxySG versions 6.7 prior to 6.7.3.1, update to version 6.7.3.1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Proxysg
Symantec Advanced Secure Gateway