cnvd - cnvd-2018-01377

cnvd-2018-01377

Vulnerability from cnvd

Title: Symantec ProxySG和Advanced Secure Gateway开放重定向漏洞

Description:

Symantec ProxySG和Advanced Secure Gateway（ASG）都是美国赛门铁克（Symantec）公司的安全网关设备。

Symantec ProxySG和ASG中存在开放重定向漏洞，该漏洞源于程序未能正确的过滤用户提交的输入。远程攻击者可通过构建特制的URI并诱使用户访问该URI利用该漏洞将用户重定向到攻击者控制的网站。

Severity: 低

Patch Name: Symantec ProxySG和Advanced Secure Gateway开放重定向漏洞的补丁

Patch Description:

Symantec ProxySG和Advanced Secure Gateway（ASG）都是美国赛门铁克（Symantec）公司的安全网关设备。

Symantec ProxySG和ASG中存在开放重定向漏洞，该漏洞源于程序未能正确的过滤用户提交的输入。远程攻击者可通过构建特制的URI并诱使用户访问该URI利用该漏洞将用户重定向到攻击者控制的网站。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.symantec.com/products/secure-web-gateway-proxy-sg-and-asg

Reference: https://www.symantec.com/security-center/network-protection-security-advisories/SA155 http://www.securityfocus.com/bid/102455

Impacted products

Name
['Symantec ProxySG >=6.5，<=6.5.10.6', 'Symantec ProxySG 6.6', 'Symantec ProxySG >=6.7，<=6.7.2.1', 'Symantec Advanced Secure Gateway 6.6', 'Symantec Advanced Secure Gateway >=6.7，<=6.7.2.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-9099"
    }
  },
  "description": "Symantec ProxySG\u548cAdvanced Secure Gateway\uff08ASG\uff09\u90fd\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u5b89\u5168\u7f51\u5173\u8bbe\u5907\u3002\r\n\r\nSymantec ProxySG\u548cASG\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u8fc7\u6ee4\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u5efa\u7279\u5236\u7684URI\u5e76\u8bf1\u4f7f\u7528\u6237\u8bbf\u95ee\u8be5URI\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u653b\u51fb\u8005\u63a7\u5236\u7684\u7f51\u7ad9\u3002",
  "discovererName": "Jakub Palaczynski and Pawel Bartunek.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.symantec.com/products/secure-web-gateway-proxy-sg-and-asg",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-01377",
  "openTime": "2018-01-19",
  "patchDescription": "Symantec ProxySG\u548cAdvanced Secure Gateway\uff08ASG\uff09\u90fd\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u5b89\u5168\u7f51\u5173\u8bbe\u5907\u3002\r\n\r\nSymantec ProxySG\u548cASG\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u8fc7\u6ee4\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u5efa\u7279\u5236\u7684URI\u5e76\u8bf1\u4f7f\u7528\u6237\u8bbf\u95ee\u8be5URI\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u653b\u51fb\u8005\u63a7\u5236\u7684\u7f51\u7ad9\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Symantec ProxySG\u548cAdvanced Secure Gateway\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Symantec ProxySG \u003e=6.5\uff0c\u003c=6.5.10.6",
      "Symantec ProxySG 6.6",
      "Symantec ProxySG \u003e=6.7\uff0c\u003c=6.7.2.1",
      "Symantec Advanced Secure Gateway 6.6",
      "Symantec Advanced Secure Gateway \u003e=6.7\uff0c\u003c=6.7.2.1"
    ]
  },
  "referenceLink": "https://www.symantec.com/security-center/network-protection-security-advisories/SA155\r\nhttp://www.securityfocus.com/bid/102455",
  "serverity": "\u4f4e",
  "submitTime": "2018-01-11",
  "title": "Symantec ProxySG\u548cAdvanced Secure Gateway\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}

CVE-2016-9099 (GCVE-0-2016-9099)

Vulnerability from cvelistv5

Published

2017-05-11 14:01

Modified

2024-09-16 22:40

Severity ?

CWE

Open redirection

Summary

Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/102455	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1040138	vdb-entry, x_refsource_SECTRACK
	https://www.symantec.com/security-center/network-protection-security-advisories/SA155	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Symantec Corporation

ASG

Version: 6.6
Version: 6.7 prior to 6.7.2.1

Symantec Corporation

ProxySG

Version: 6.5 prior to 6.5.10.6
Version: 6.6
Version: 6.7 prior to 6.7.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:42:10.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102455",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102455"
          },
          {
            "name": "1040138",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040138"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA155"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ASG",
          "vendor": "Symantec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "status": "affected",
              "version": "6.7 prior to 6.7.2.1"
            }
          ]
        },
        {
          "product": "ProxySG",
          "vendor": "Symantec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "6.5 prior to 6.5.10.6"
            },
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "status": "affected",
              "version": "6.7 prior to 6.7.2.1"
            }
          ]
        }
      ],
      "datePublic": "2018-01-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Open redirection",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-11T10:57:01",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "name": "102455",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102455"
        },
        {
          "name": "1040138",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040138"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA155"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "DATE_PUBLIC": "2018-01-09T00:00:00",
          "ID": "CVE-2016-9099",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ASG",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.6"
                          },
                          {
                            "version_value": "6.7 prior to 6.7.2.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ProxySG",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.5 prior to 6.5.10.6"
                          },
                          {
                            "version_value": "6.6"
                          },
                          {
                            "version_value": "6.7 prior to 6.7.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Symantec Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Open redirection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102455",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102455"
            },
            {
              "name": "1040138",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040138"
            },
            {
              "name": "https://www.symantec.com/security-center/network-protection-security-advisories/SA155",
              "refsource": "CONFIRM",
              "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA155"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2016-9099",
    "datePublished": "2017-05-11T14:01:00Z",
    "dateReserved": "2016-10-28T00:00:00",
    "dateUpdated": "2024-09-16T22:40:30.815Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted