Описание
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.7 (включая) до 6.7.2.1 (исключая)
cpe:2.3:a:broadcom:advanced_secure_gateway:*:*:*:*:*:*:*:*
Конфигурация 2Версия от 6.5 (включая) до 6.5.10.6 (исключая)
cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*
Конфигурация 5Версия от 6.7 (включая) до 6.7.2.1 (исключая)
cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00312
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site.
EPSS
Процентиль: 54%
0.00312
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601