PT-2022-3498 · Symantec · Symantec Advanced Secure Gateway+1

Published: 2022-07-07 · Updated: 2023-08-08 · CVE-2021-46825

CVSS v3.1: 9.4 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Symantec Advanced Secure Gateway (ASG) and ProxySG (affected versions not specified)

Description: The issue is related to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate through the proxy with the same web server, the attacker can send crafted HTTP requests and cause the proxy to forward web server responses to unintended clients. This can be exploited by a remote attacker to perform an HTTP request smuggling attack.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

HTTP Request/Response Smuggling

Related Identifiers

BDU:2022-04279
CVE-2021-46825

Affected Products

ProxySG
Symantec Advanced Secure Gateway