Vulnerability Description
Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Advanced Secure Gateway | >= 6.6, < 6.6.5.14 |
| Broadcom | Symantec Proxysg | >= 6.5, < 6.5.10.8 |
References
- http://www.securityfocus.com/bid/103685Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040757Third Party AdvisoryVDB Entry
- https://www.symantec.com/security-center/network-protection-security-advisories/Vendor Advisory
- http://www.securityfocus.com/bid/103685Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040757Third Party AdvisoryVDB Entry
- https://www.symantec.com/security-center/network-protection-security-advisories/Vendor Advisory
FAQ
What is CVE-2017-13677?
CVE-2017-13677 is a vulnerability with a CVSS score of 7.5 (HIGH). Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service th...
How severe is CVE-2017-13677?
CVE-2017-13677 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-13677?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Advanced Secure Gateway, Broadcom Symantec Proxysg.