ID CVE-2016-9100
Summary Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. An attacker with local access to the client host of an authenticated administrator user can, under certain circumstances, obtain sensitive authentication credential information.
References
Vulnerable Configurations
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.7:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.10:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.14:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.14:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.7:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:symantec_proxysg:6.7.3:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 08-07-2021 - 16:37)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 102454
confirm https://www.symantec.com/security-center/network-protection-security-advisories/SA155
sectrack 1040138
Last major update 08-07-2021 - 16:37
Published 11-05-2017 - 14:30
Last modified 08-07-2021 - 16:37
Back to Top