Symantec ProxySG 6.5 < 6.5.10.8 / 6.6 < 6.6.5.14 / 6.7 < 6.7.4.107 Multiple Vulnerabilities (SA162)

Medium Nessus Plugin ID 109035

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The self-reported SGOS version installed on the remote Symantec
ProxySG device is 6.5.x prior to 6.5.10.8, 6.6.x prior to 6.6.5.14,
or 6.7.x prior to 6.7.4.107. It is, therefore, affected by multiple
vulnerabilities:

- An unrestricted file upload vulnerability exists in the ASG and
ProxySG management consoles. A malicious appliance administrator
can upload arbitrary malicious files to the management console and
trick another administrator user into downloading and executing
malicious code. (CVE-2016-10258)

- A denial-of-service (DoS) vulnerability exists in the ASG and ProxySG
management consoles. A remote attacker can use crafted HTTP/HTTPS
requests to cause a denial of service through management console
application crashes. (CVE-2017-13677)

- A stored XSS vulnerability exists in the ASG and ProxySG management
consoles, in that a malicious appliance administrator can inject
arbitrary JavaScript code into the management console web client
application. (CVE-2017-13678)

Solution

Upgrade to Symantec ProxySG SGOS version 6.5.10.8 / 6.6.5.14 / 6.7.4.107 or later.

See Also

http://www.nessus.org/u?26c3b5a9

Plugin Details

Severity: Medium

ID: 109035

File Name: symantec_proxy_sg_SA162.nasl

Version: 1.2

Type: local

Family: Firewalls

Published: 2018/04/13

Modified: 2018/08/15

Dependencies: 68992

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: x-cpe:/h:symantec:proxysg

Patch Publication Date: 2018/04/10

Vulnerability Publication Date: 2018/04/10

Reference Information

CVE: CVE-2016-10258, CVE-2017-13677, CVE-2017-13678

BID: 103685

IAVA: 2018-A-0107