CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18370

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2018-18370

Broadcom » Advanced Secure Gateway » Version: 6.6

cpe:2.3:a:broadcom:advanced_secure_gateway:6.6
Broadcom » Advanced Secure Gateway » Version: 6.7

cpe:2.3:a:broadcom:advanced_secure_gateway:6.7
Broadcom » Advanced Secure Gateway » Version: 6.7.2.1

cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.2.1
Broadcom » Advanced Secure Gateway » Version: 6.7.3

cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.3
Broadcom » Advanced Secure Gateway » Version: 6.7.3.1

cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.3.1
Broadcom » Advanced Secure Gateway » Version: 6.7.3.5

cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.3.5
Broadcom » Advanced Secure Gateway » Version: 6.7.3.7

cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.3.7
Broadcom » Advanced Secure Gateway » Version: 6.7.4

cpe:2.3:a:broadcom:advanced_secure_gateway:6.7.4
Broadcom » Symantec Proxysg » Version: 6.5

cpe:2.3:a:broadcom:symantec_proxysg:6.5
Broadcom » Symantec Proxysg » Version: 6.5.1

cpe:2.3:a:broadcom:symantec_proxysg:6.5.1
Broadcom » Symantec Proxysg » Version: 6.5.10.4

cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.4
Broadcom » Symantec Proxysg » Version: 6.5.10.6

cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.6
Broadcom » Symantec Proxysg » Version: 6.5.10.7

cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.7
Broadcom » Symantec Proxysg » Version: 6.5.10.8

cpe:2.3:a:broadcom:symantec_proxysg:6.5.10.8
Broadcom » Symantec Proxysg » Version: 6.5.2

cpe:2.3:a:broadcom:symantec_proxysg:6.5.2
Broadcom » Symantec Proxysg » Version: 6.5.2.10

cpe:2.3:a:broadcom:symantec_proxysg:6.5.2.10
Broadcom » Symantec Proxysg » Version: 6.5.4.1

cpe:2.3:a:broadcom:symantec_proxysg:6.5.4.1
Broadcom » Symantec Proxysg » Version: 6.5.5.7

cpe:2.3:a:broadcom:symantec_proxysg:6.5.5.7
Broadcom » Symantec Proxysg » Version: 6.5.6.1

cpe:2.3:a:broadcom:symantec_proxysg:6.5.6.1
Broadcom » Symantec Proxysg » Version: 6.5.7.6

cpe:2.3:a:broadcom:symantec_proxysg:6.5.7.6
Broadcom » Symantec Proxysg » Version: 6.5.9.10

cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.10
Broadcom » Symantec Proxysg » Version: 6.5.9.14

cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.14
Broadcom » Symantec Proxysg » Version: 6.5.9.2

cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.2
Broadcom » Symantec Proxysg » Version: 6.5.9.8

cpe:2.3:a:broadcom:symantec_proxysg:6.5.9.8
Broadcom » Symantec Proxysg » Version: 6.6

cpe:2.3:a:broadcom:symantec_proxysg:6.6
Broadcom » Symantec Proxysg » Version: 6.7

cpe:2.3:a:broadcom:symantec_proxysg:6.7
Broadcom » Symantec Proxysg » Version: 6.7.1.1

cpe:2.3:a:broadcom:symantec_proxysg:6.7.1.1
Broadcom » Symantec Proxysg » Version: 6.7.2.1

cpe:2.3:a:broadcom:symantec_proxysg:6.7.2.1
Broadcom » Symantec Proxysg » Version: 6.7.3

cpe:2.3:a:broadcom:symantec_proxysg:6.7.3
Broadcom » Symantec Proxysg » Version: 6.7.3.1

cpe:2.3:a:broadcom:symantec_proxysg:6.7.3.1
Broadcom » Symantec Proxysg » Version: 6.7.3.15

cpe:2.3:a:broadcom:symantec_proxysg:6.7.3.15
Broadcom » Symantec Proxysg » Version: 6.7.3.5

cpe:2.3:a:broadcom:symantec_proxysg:6.7.3.5
Broadcom » Symantec Proxysg » Version: 6.7.3.7

cpe:2.3:a:broadcom:symantec_proxysg:6.7.3.7
Broadcom » Symantec Proxysg » Version: 6.7.4

cpe:2.3:a:broadcom:symantec_proxysg:6.7.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18370

Products

Pricing

Contact Us