Detections
Analytics

Symantec (Blue Coat) ProxySG 6.5.x < 6.5.10.6 / 6.6.x < 6.6.5.8 / 6.7.x < 6.7.1.2 Impromper User Authorization Vulnerability

high Nessus Plugin ID 104381

Language:

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The self-reported version of the remote Symantec (Blue Coat) ProxySG device is 6.5.x prior to 6.5.10.6, 6.6.x prior to 6.6.5.8, or 6.7.x prior to 6.7.1.2. It is, therefore, affected by an improper user authorization vulnerability in web-based management console.

Solution

Upgrade to version 6.5.10.6 / 6.6.5.8 / 6.7.1.2 or later.

See Also

http://www.nessus.org/u?0320c5d9

Plugin Details

Severity: High

ID: 104381

File Name: bluecoat_proxy_sg_6_5_10_6.nasl

Version: 1.3

Type: local

Family: Firewalls

Published: 11/3/2017

Updated: 11/12/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C

CVSS Score Source: CVE-2016-9097

CVSS v3

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:bluecoat:sgos

Required KB Items: Host/BlueCoat/ProxySG/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 10/26/2017

Vulnerability Publication Date: 10/26/2017

Reference Information

CVE: CVE-2016-9097

BID: 101530