CVSS: 8.0EPSS: 1%CPEs: 29EXPL: 0CVE-2016-9097
https://notcve.org/view.php?id=CVE-2016-9097
11 May 2017 — The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges. Las consolas de administración Advanced Secure Gateway (ASG) versiones 6.6 anteriores a 6.6.... • http://www.securityfocus.com/bid/101530 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2016-9099
https://notcve.org/view.php?id=CVE-2016-9099
11 May 2017 — Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site. Advanced Secure Gateway (ASG) versión 6.6, ASG versiones 6.7 anteriores a 6.7.2.1, ProxySG versiones 6.5 anteriores a 6.5.10.6, ProxySG versión 6.6 y ProxySG versiones 6.7 anteri... • http://www.securityfocus.com/bid/102455 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-9100
https://notcve.org/view.php?id=CVE-2016-9100
11 May 2017 — Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. An attacker with local access to the client host of an authenticated administrator user can, under certain circumstances, obtain sensitive authentication credential information. Advanced Secure Gateway (ASG) versiones 6.6 anteriores a 6.6.5.13, ASG versiones 6.7 anteri... • http://www.securityfocus.com/bid/102454 • CWE-255: Credentials Management Errors •