PT-2021-18783 · Symantec · Proxysg+1

Published

2021-06-30

Updated

2021-07-06

CVE-2021-30648

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Symantec Advanced Secure Gateway (ASG) and ProxySG (affected versions not specified)

Description The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass issue. An unauthenticated attacker can execute arbitrary CLI commands, view or modify the appliance configuration and policy, and shutdown or restart the appliance.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2021-30648

Affected Products

Proxysg

Symantec Advanced Secure Gateway

PT-2021-18783 · Symantec · Proxysg+1

CVE-2021-30648

Weakness Enumeration

Related Identifiers

Affected Products

References · 5