Symantec (Blue Coat) ProxySG 6.5.x < 6.5.10.6 / 6.6.x < 6.6.5.8 / 6.7.x < 6.7.1.2 Impromper User Authorization Vulnerability

High Nessus Plugin ID 104381

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The self-reported version of the remote Symantec (Blue Coat) ProxySG device is 6.5.x prior to 6.5.10.6, 6.6.x prior to 6.6.5.8, or 6.7.x prior to 6.7.1.2. It is, therefore, affected by an improper user authorization vulnerability in web-based management console.

Solution

Upgrade to version 6.5.10.6 / 6.6.5.8 / 6.7.1.2 or later.

See Also

http://www.nessus.org/u?0320c5d9

Plugin Details

Severity: High

ID: 104381

File Name: bluecoat_proxy_sg_6_5_10_6.nasl

Version: $Revision: 1.2 $

Type: local

Family: Firewalls

Published: 2017/11/03

Modified: 2018/01/11

Dependencies: 68992

Risk Information

Risk Factor: High

CVSSv2

Base Score: 8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C

CVSSv3

Base Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H

Vulnerability Information

CPE: cpe:/o:bluecoat:sgos

Required KB Items: Host/BlueCoat/ProxySG/Version

Patch Publication Date: 2017/10/26

Vulnerability Publication Date: 2017/10/26

Reference Information

CVE: CVE-2016-9097

BID: 101530