High severity7.2NVD Advisory· Published May 11, 2017· Updated Jun 17, 2026
CVE-2016-9097
CVE-2016-9097
Description
The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.
Affected products
32cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:symantec_proxysg:6.5:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:broadcom:symantec_proxysg:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.14:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.7:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_proxysg:6.7.1.1:*:*:*:*:*:*:*
- Range: <6.6.5.8
- Symantec Corporation/Symantec Advanced Secure Gateway (ASG) and ProxySGv5Range: ASG 6.6 prior to 6.6.5.8, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, ProxySG 6.7 prior to 6.7.1.2
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/101530nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039701nvdThird Party AdvisoryVDB Entry
- www.symantec.com/security-center/network-protection-security-advisories/SA146nvdVendor Advisory
News mentions
0No linked articles in our index yet.