Vulnerability Details CVE-2016-10258
Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.127
EPSS Ranking 93.6%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 6.0
References
- http://www.securityfocus.com/bid/103685
- http://www.securitytracker.com/id/1040757
- https://www.symantec.com/security-center/network-protection-security-advisories/SA162
- http://www.securityfocus.com/bid/103685
- http://www.securitytracker.com/id/1040757
- https://www.symantec.com/security-center/network-protection-security-advisories/SA162
Products affected by CVE-2016-10258
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.6
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.3
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.4.3
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.5.1
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.6.5.13
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.7
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.2.1
-
cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.3
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.1
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.4
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.6
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.7
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.2
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.2.10
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.4.1
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.5.7
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.6.1
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.7.6
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.10
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.14
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.2
-
cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.8
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.2
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.1
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.2.2
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.3
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.3.2
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.4
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.1
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.4.3
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.5
-
cpe:2.3:a:broadcom:symantec_proxysg:6.6.5.13
-
cpe:2.3:a:broadcom:symantec_proxysg:6.7
-
cpe:2.3:a:broadcom:symantec_proxysg:6.7.1.1
-
cpe:2.3:a:broadcom:symantec_proxysg:6.7.2.1
-
cpe:2.3:a:broadcom:symantec_proxysg:6.7.3