VYPR
High severity7.2NVD Advisory· Published May 11, 2017· Updated Jun 17, 2026

CVE-2016-9097

CVE-2016-9097

Description

The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.

Affected products

32
  • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:6.5:*:*:*:*:*:*:*+ 23 more
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.10:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.14:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:broadcom:symantec_proxysg:6.7.1.1:*:*:*:*:*:*:*
  • Range: <6.6.5.8
  • Symantec/ProxySGllm-fuzzy
    Range: <6.5.10.6, <6.6.5.8, <6.7.1.2
  • Symantec Corporation/Symantec Advanced Secure Gateway (ASG) and ProxySGv5
    Range: ASG 6.6 prior to 6.6.5.8, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, ProxySG 6.7 prior to 6.7.1.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.