CVE-2018-18370

Severity Score

6.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2.

El modo WebFTP del Proxy FTP de ASG/ProxySG, permite interceptar conexiones FTP donde un usuario accede a un servidor FTP por medio de una URL ftp:// en un navegador web. Una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en el modo WebFTP permite a un atacante remoto inyectar código JavaScript malicioso en un listado web de ASG/ProxySG de un servidor FTP remoto. La explotación de la vulnerabilidad requiere que el atacante sea capaz de cargar archivos especialmente diseñados en el servidor FTP remoto. Versiones afectadas: ASG versión 6.6 y versiones 6.7 anteriores a 6.7.4.2; ProxySG versiones 6.5 anteriores a 6.5.10.15, 6.6 y versiones 6.7 anteriores a 6.7.4.2.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-10-15 CVE Reserved
2019-08-29 CVE Published
2023-03-07 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://support.symantec.com/us/en/article.SYMSA1472.html	2021-07-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Broadcom Search vendor "Broadcom"		Advanced Secure Gateway Search vendor "Broadcom" for product "Advanced Secure Gateway"				>= 6.7 < 6.7.4.2 Search vendor "Broadcom" for product "Advanced Secure Gateway" and version " >= 6.7 < 6.7.4.2"		-		Affected
Broadcom Search vendor "Broadcom"		Advanced Secure Gateway Search vendor "Broadcom" for product "Advanced Secure Gateway"				6.6 Search vendor "Broadcom" for product "Advanced Secure Gateway" and version "6.6"		-		Affected
Broadcom Search vendor "Broadcom"		Symantec Proxysg Search vendor "Broadcom" for product "Symantec Proxysg"				>= 6.5 < 6.5.10.15 Search vendor "Broadcom" for product "Symantec Proxysg" and version " >= 6.5 < 6.5.10.15"		-		Affected
Broadcom Search vendor "Broadcom"		Symantec Proxysg Search vendor "Broadcom" for product "Symantec Proxysg"				>= 6.7 < 6.7.4.2 Search vendor "Broadcom" for product "Symantec Proxysg" and version " >= 6.7 < 6.7.4.2"		-		Affected
Broadcom Search vendor "Broadcom"		Symantec Proxysg Search vendor "Broadcom" for product "Symantec Proxysg"				6.6 Search vendor "Broadcom" for product "Symantec Proxysg" and version "6.6"		-		Affected