Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for symantec_advanced_secure_gateway_s400-40_firmware by broadcom

    CVE-2021-30648 (GCVE-0-2021-30648)

    Vulnerability from nvd – Published: 2021-06-30 10:40 – Updated: 2024-08-03 22:40
    VLAI
    Summary
    The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Advanced Secure Gateway (ASG) and ProxySG Affected: ASG 6.6, ASG 6.7 prior to 6.7.4.17 or 6.7.5.12, ASG 7.2 prior to 7.2.7.2, ASG 7.3 prior to 7.3.3.3, ProxySG 6.5 prior to 6.5.10.16, ProxySG 6.6 prior to 6.6.5.19, ProxySG 6.7 prior to 6.7.3.15, 6.7.4.17, or 6.7.5.12, ProxySG 7.2 prior 7.2.7.2, ProxySG 7.3 prior to 7.3.3.3.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T22:40:31.611Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Advanced Secure Gateway (ASG) and ProxySG",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "ASG 6.6, ASG 6.7 prior to 6.7.4.17 or 6.7.5.12, ASG 7.2 prior to 7.2.7.2, ASG 7.3 prior to 7.3.3.3, ProxySG 6.5 prior to 6.5.10.16, ProxySG 6.6 prior to 6.6.5.19, ProxySG 6.7 prior to 6.7.3.15, 6.7.4.17, or 6.7.5.12, ProxySG 7.2 prior 7.2.7.2, ProxySG 7.3 prior to 7.3.3.3."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-30T10:40:39.000Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@symantec.com",
              "ID": "CVE-2021-30648",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Advanced Secure Gateway (ASG) and ProxySG",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "ASG 6.6, ASG 6.7 prior to 6.7.4.17 or 6.7.5.12, ASG 7.2 prior to 7.2.7.2, ASG 7.3 prior to 7.3.3.3, ProxySG 6.5 prior to 6.5.10.16, ProxySG 6.6 prior to 6.6.5.19, ProxySG 6.7 prior to 6.7.3.15, 6.7.4.17, or 6.7.5.12, ProxySG 7.2 prior 7.2.7.2, ProxySG 7.3 prior to 7.3.3.3."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331",
                  "refsource": "MISC",
                  "url": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2021-30648",
        "datePublished": "2021-06-30T10:40:39.000Z",
        "dateReserved": "2021-04-13T00:00:00.000Z",
        "dateUpdated": "2024-08-03T22:40:31.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-30648 (GCVE-0-2021-30648)

    Vulnerability from cvelistv5 – Published: 2021-06-30 10:40 – Updated: 2024-08-03 22:40
    VLAI
    Summary
    The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Advanced Secure Gateway (ASG) and ProxySG Affected: ASG 6.6, ASG 6.7 prior to 6.7.4.17 or 6.7.5.12, ASG 7.2 prior to 7.2.7.2, ASG 7.3 prior to 7.3.3.3, ProxySG 6.5 prior to 6.5.10.16, ProxySG 6.6 prior to 6.6.5.19, ProxySG 6.7 prior to 6.7.3.15, 6.7.4.17, or 6.7.5.12, ProxySG 7.2 prior 7.2.7.2, ProxySG 7.3 prior to 7.3.3.3.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T22:40:31.611Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Advanced Secure Gateway (ASG) and ProxySG",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "ASG 6.6, ASG 6.7 prior to 6.7.4.17 or 6.7.5.12, ASG 7.2 prior to 7.2.7.2, ASG 7.3 prior to 7.3.3.3, ProxySG 6.5 prior to 6.5.10.16, ProxySG 6.6 prior to 6.6.5.19, ProxySG 6.7 prior to 6.7.3.15, 6.7.4.17, or 6.7.5.12, ProxySG 7.2 prior 7.2.7.2, ProxySG 7.3 prior to 7.3.3.3."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-30T10:40:39.000Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@symantec.com",
              "ID": "CVE-2021-30648",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Advanced Secure Gateway (ASG) and ProxySG",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "ASG 6.6, ASG 6.7 prior to 6.7.4.17 or 6.7.5.12, ASG 7.2 prior to 7.2.7.2, ASG 7.3 prior to 7.3.3.3, ProxySG 6.5 prior to 6.5.10.16, ProxySG 6.6 prior to 6.6.5.19, ProxySG 6.7 prior to 6.7.3.15, 6.7.4.17, or 6.7.5.12, ProxySG 7.2 prior 7.2.7.2, ProxySG 7.3 prior to 7.3.3.3."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331",
                  "refsource": "MISC",
                  "url": "https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2021-30648",
        "datePublished": "2021-06-30T10:40:39.000Z",
        "dateReserved": "2021-04-13T00:00:00.000Z",
        "dateUpdated": "2024-08-03T22:40:31.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }