Medium severity6.1NVD Advisory· Published May 11, 2017· Updated May 13, 2026

CVE-2016-9099

Description

Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site.

Affected products

Symantec Corporation/ASGv5
Range: 6.6
Symantec Corporation/ProxySGv5
Range: 6.5 prior to 6.5.10.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/102455nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1040138nvdThird Party AdvisoryVDB Entry
www.symantec.com/security-center/network-protection-security-advisories/SA155nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000