The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/101530 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039701 | Third Party Advisory VDB Entry |
https://www.symantec.com/security-center/network-protection-security-advisories/SA146 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: symantec
Published: 2017-10-30T00:00:00
Updated: 2017-11-01T09:57:01
Reserved: 2016-10-28T00:00:00
Link: CVE-2016-9097
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-05-11T14:30:16.360
Modified: 2021-07-08T16:37:42.880
Link: CVE-2016-9097
JSON object: View
Redhat Information
No data.
CWE