Details of VAR-201804-0142

ID

VAR-201804-0142

CVE

CVE-2016-10258

TITLE

Symantec Advanced Secure Gateway and ProxySG Vulnerable to unlimited upload of dangerous types of files

Trust: 0.8

sources: JVNDB: JVNDB-2018-004403

DESCRIPTION

Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code. Symantec ProxySG and ASG are prone to multiple security vulnerabilities. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user, to crash an application, resulting in a denial-of-service condition or to upload arbitrary files to the affected application; this can result in arbitrary code execution within the context of the vulnerable application

Trust: 1.98

sources: NVD: CVE-2016-10258 // JVNDB: JVNDB-2018-004403 // BID: 103685 // VULHUB: VHN-89016

AFFECTED PRODUCTS

vendor:	broadcom	model:	symantec proxysg	scope:	lt	version:	6.6.5.14	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	gte	version:	6.6	Trust: 1.0
vendor:	broadcom	model:	advanced secure gateway	scope:	lt	version:	6.6.5.14	Trust: 1.0
vendor:	broadcom	model:	advanced secure gateway	scope:	gte	version:	6.6	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	lt	version:	6.7.3.1	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	gte	version:	6.5	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	gte	version:	6.7	Trust: 1.0
vendor:	broadcom	model:	advanced secure gateway	scope:	gte	version:	6.7	Trust: 1.0
vendor:	broadcom	model:	advanced secure gateway	scope:	lt	version:	6.7.3.1	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	lt	version:	6.5.10.8	Trust: 1.0
vendor:	symantec	model:	advanced secure gateway	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	proxysg	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	proxysg	scope:	eq	version:	6.7.2.1	Trust: 0.3
vendor:	symantec	model:	proxysg	scope:	eq	version:	6.6.5.13	Trust: 0.3
vendor:	symantec	model:	proxysg	scope:	eq	version:	6.5.10.6	Trust: 0.3
vendor:	symantec	model:	advanced secure gateway	scope:	eq	version:	6.7.2.1	Trust: 0.3
vendor:	symantec	model:	advanced secure gateway	scope:	eq	version:	6.6.5.13	Trust: 0.3
vendor:	bluecoat	model:	proxysg	scope:	eq	version:	6.7	Trust: 0.3
vendor:	bluecoat	model:	proxysg	scope:	eq	version:	6.6	Trust: 0.3
vendor:	bluecoat	model:	proxysg	scope:	eq	version:	6.5	Trust: 0.3
vendor:	bluecoat	model:	advanced secure gateway	scope:	eq	version:	6.7	Trust: 0.3
vendor:	bluecoat	model:	advanced secure gateway	scope:	eq	version:	6.6.5.4	Trust: 0.3
vendor:	bluecoat	model:	advanced secure gateway	scope:	eq	version:	6.6	Trust: 0.3
vendor:	symantec	model:	proxysg	scope:	ne	version:	6.7.4.107	Trust: 0.3
vendor:	symantec	model:	proxysg	scope:	ne	version:	6.7.3.1	Trust: 0.3
vendor:	symantec	model:	proxysg	scope:	ne	version:	6.6.5.14	Trust: 0.3
vendor:	symantec	model:	proxysg	scope:	ne	version:	6.5.10.8	Trust: 0.3
vendor:	symantec	model:	advanced secure gateway	scope:	ne	version:	6.7.4.107	Trust: 0.3
vendor:	symantec	model:	advanced secure gateway	scope:	ne	version:	6.7.3.1	Trust: 0.3
vendor:	symantec	model:	advanced secure gateway	scope:	ne	version:	6.6.5.14	Trust: 0.3

sources: BID: 103685 // JVNDB: JVNDB-2018-004403 // NVD: CVE-2016-10258

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-10258
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-10258
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201703-1030
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-89016
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-10258
severity:	MEDIUM
baseScore:	6.0
vectorString:	AV:N/AC:M/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.8
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-89016
severity:	MEDIUM
baseScore:	6.0
vectorString:	AV:N/AC:M/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.8
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-10258
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-89016 // JVNDB: JVNDB-2018-004403 // CNNVD: CNNVD-201703-1030 // NVD: CVE-2016-10258

PROBLEMTYPE DATA

problemtype:

CWE-434

Trust: 1.9

sources: VULHUB: VHN-89016 // JVNDB: JVNDB-2018-004403 // NVD: CVE-2016-10258

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1030

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201703-1030

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004403

PATCH

title:	SYMSA1432	url:	https://support.symantec.com/en_US/article.SYMSA1432.html	Trust: 0.8
title:	Symantec Advanced Secure Gateway and ProxySG Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98313	Trust: 0.6

sources: JVNDB: JVNDB-2018-004403 // CNNVD: CNNVD-201703-1030

EXTERNAL IDS

db:	NVD	id:	CVE-2016-10258	Trust: 2.8
db:	BID	id:	103685	Trust: 2.0
db:	SECTRACK	id:	1040757	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-004403	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-1030	Trust: 0.7
db:	EXPLOIT-DB	id:	47392	Trust: 0.6
db:	VULHUB	id:	VHN-89016	Trust: 0.1

sources: VULHUB: VHN-89016 // BID: 103685 // JVNDB: JVNDB-2018-004403 // CNNVD: CNNVD-201703-1030 // NVD: CVE-2016-10258

REFERENCES

url:	https://www.symantec.com/security-center/network-protection-security-advisories/sa162	Trust: 2.0
url:	http://www.securityfocus.com/bid/103685	Trust: 1.7
url:	http://www.securitytracker.com/id/1040757	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10258	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-10258	Trust: 0.8
url:	https://www.exploit-db.com/download/47392	Trust: 0.6
url:	http://www.symantec.com	Trust: 0.3

sources: VULHUB: VHN-89016 // BID: 103685 // JVNDB: JVNDB-2018-004403 // CNNVD: CNNVD-201703-1030 // NVD: CVE-2016-10258

CREDITS

Pankaj Kumar Thakur

Trust: 0.6

sources: CNNVD: CNNVD-201703-1030

SOURCES

db:	VULHUB	id:	VHN-89016
db:	BID	id:	103685
db:	JVNDB	id:	JVNDB-2018-004403
db:	CNNVD	id:	CNNVD-201703-1030
db:	NVD	id:	CVE-2016-10258

LAST UPDATE DATE

2024-11-23T22:00:37.829000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-89016	date:	2021-07-08T00:00:00
db:	BID	id:	103685	date:	2018-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2018-004403	date:	2018-06-19T00:00:00
db:	CNNVD	id:	CNNVD-201703-1030	date:	2021-06-28T00:00:00
db:	NVD	id:	CVE-2016-10258	date:	2024-11-21T02:43:40.507

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-89016	date:	2018-04-11T00:00:00
db:	BID	id:	103685	date:	2018-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2018-004403	date:	2018-06-19T00:00:00
db:	CNNVD	id:	CNNVD-201703-1030	date:	2017-03-24T00:00:00
db:	NVD	id:	CVE-2016-10258	date:	2018-04-11T14:29:00.250