Symantec ProxySG 6.5 < 6.5.10.8 / 6.6 < 6.6.5.14 / 6.7 < 6.7.4.107 Multiple Vulnerabilities (SA162)

Medium Nessus Plugin ID 109035

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The self-reported SGOS version installed on the remote Symantec ProxySG device is 6.5.x prior to 6.5.10.8, 6.6.x prior to 6.6.5.14, or 6.7.x prior to 6.7.4.107. It is, therefore, affected by multiple vulnerabilities:

- An unrestricted file upload vulnerability exists in the ASG and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code. (CVE-2016-10258)

- A denial-of-service (DoS) vulnerability exists in the ASG and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause a denial of service by crashing the management console application. (CVE-2017-13677)

- A stored cross-site scripting (XSS) vulnerability exists in the ASG and ProxySG management consoles: a malicious appliance administrator can inject arbitrary JavaScript code into the management console web client application. (CVE-2017-13678)

Solution

Upgrade to Symantec ProxySG SGOS version 6.5.10.8 / 6.6.5.14 / 6.7.4.107 or later.

See Also

http://www.nessus.org/u?26c3b5a9

Plugin Details

Severity: Medium

ID: 109035

File Name: symantec_proxy_sg_SA162.nasl

Version: 1.2

Type: local

Family: Firewalls

Published: 2018/04/13

Modified: 2018/08/15

Dependencies: 68992

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSSv3

Base Score: 6.5

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: x-cpe:/h:symantec:proxysg

Required KB Items: Host/BlueCoat/ProxySG/Version

Patch Publication Date: 2018/04/10

Vulnerability Publication Date: 2018/04/10

Reference Information

CVE: CVE-2016-10258, CVE-2017-13677, CVE-2017-13678

BID: 103685

IAVA: 2018-A-0107