VYPR
Medium severity6.1NVD Advisory· Published May 11, 2017· Updated Jun 17, 2026

CVE-2016-9099

CVE-2016-9099

Description

Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site.

Affected products

8
  • cpe:2.3:a:broadcom:advanced_secure_gateway:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:broadcom:advanced_secure_gateway:*:*:*:*:*:*:*:*range: >=6.7,<6.7.2.1
    • cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*range: >=6.5,<6.5.10.6
    • cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*
  • Range: 6.6, 6.7 prior to 6.7.2.1
  • Symantec/ProxySGllm-fuzzy
    Range: 6.5 prior to 6.5.10.6, 6.6, 6.7 prior to 6.7.2.1
  • Symantec Corporation/ASGv5
    Range: 6.6
  • Symantec Corporation/ProxySGv5
    Range: 6.5 prior to 6.5.10.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.