Vulnerability Description
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Advanced Secure Gateway | >= 6.7, < 6.7.2.1 |
| Broadcom | Symantec ProxySG | >= 6.5, < 6.5.10.6 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102455 (Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1040138 (Third Party Advisory, VDB Entry)
- https://www.symantec.com/security-center/network-protection-security-advisories/ (Vendor Advisory)
FAQ
What is CVE-2016-9099?
CVE-2016-9099 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability....
How severe is CVE-2016-9099?
CVE-2016-9099 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2016-9099?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Advanced Secure Gateway, Broadcom Symantec ProxySG.