Broadcom Advanced Secure Gateway — known CVE vulnerabilities
Every CVE whose affected-product data names Broadcom Advanced Secure Gateway, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2023-23952 — CVSS 9.8 (critical): Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability.
CVE-2018-5241 — CVSS 9.8 (critical): Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass…
CVE-2021-46825 — CVSS 9.1 (critical): Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated attacker…
CVE-2023-23955 — CVSS 8.1 (high): Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery…
CVE-2016-9100 — CVSS 7.8 (high): Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to…
CVE-2023-23953 — CVSS 7.8 (high): Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability.
CVE-2017-13677 — CVSS 7.5 (high): Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can…
CVE-2016-9097 — CVSS 7.2 (high): The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7…
CVE-2016-10258 — CVSS 6.8 (medium): Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance…
CVE-2018-18371 — CVSS 6.5 (medium): The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web…
CVE-2019-18375 — CVSS 6.5 (medium): The ASG and ProxySG management consoles are susceptible to a session hijacking vulnerability. A remote attacker, with access to the…
CVE-2016-10257 — CVSS 6.1 (medium): The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7…
CVE-2018-18370 — CVSS 6.1 (medium): The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web…
CVE-2016-9099 — CVSS 6.1 (medium): Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to…
CVE-2023-23954 — CVSS 5.4 (medium): Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting…
CVE-2017-13678 — CVSS 4.8 (medium): Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator…