Details of VAR-201805-1106

ID

VAR-201805-1106

CVE

CVE-2018-5241

TITLE

Symantec Advanced Secure Gateway and ProxySG Vulnerabilities related to security functions

Trust: 0.8

sources: JVNDB: JVNDB-2018-005793

DESCRIPTION

Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, ASG and ProxySG incorrectly handle XML nodes with comments. A remote attacker can modify a valid SAML response without invalidating its cryptographic signature. This may allow the attacker to bypass user authentication security controls in ASG and ProxySG. This vulnerability only affects authentication of network users in intercepted traffic. It does not affect administrator user authentication for the ASG and ProxySG management consoles. Symantec Advanced Secure Gateway (ASG) and ProxySG Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This may lead to further attacks

Trust: 1.98

sources: NVD: CVE-2018-5241 // JVNDB: JVNDB-2018-005793 // BID: 104282 // VULHUB: VHN-135272

AFFECTED PRODUCTS

vendor:	symantec	model:	proxysg	scope:	eq	version:	6.7	Trust: 1.7
vendor:	symantec	model:	proxysg	scope:	eq	version:	6.6	Trust: 1.7
vendor:	symantec	model:	proxysg	scope:	eq	version:	6.5	Trust: 1.7
vendor:	symantec	model:	advanced secure gateway	scope:	eq	version:	6.7	Trust: 1.7
vendor:	symantec	model:	advanced secure gateway	scope:	eq	version:	6.6	Trust: 1.7
vendor:	broadcom	model:	advanced secure gateway	scope:	eq	version:	6.7	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	eq	version:	6.5	Trust: 1.0
vendor:	broadcom	model:	advanced secure gateway	scope:	eq	version:	6.6	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	eq	version:	6.6	Trust: 1.0
vendor:	broadcom	model:	symantec proxysg	scope:	eq	version:	6.7	Trust: 1.0

sources: BID: 104282 // JVNDB: JVNDB-2018-005793 // CNNVD: CNNVD-201805-972 // NVD: CVE-2018-5241

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-5241
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-5241
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201805-972
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-135272
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-5241
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-135272
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-5241
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-135272 // JVNDB: JVNDB-2018-005793 // CNNVD: CNNVD-201805-972 // NVD: CVE-2018-5241

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-254	Trust: 0.9

sources: VULHUB: VHN-135272 // JVNDB: JVNDB-2018-005793 // NVD: CVE-2018-5241

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-972

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201805-972

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-005793

PATCH

title:

SYMSA1450

url:

https://support.symantec.com/en_US/article.SYMSA1450.html

Trust: 0.8

sources: JVNDB: JVNDB-2018-005793

EXTERNAL IDS

db:	NVD	id:	CVE-2018-5241	Trust: 2.8
db:	BID	id:	104282	Trust: 2.0
db:	SECTRACK	id:	1040993	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-005793	Trust: 0.8
db:	CNNVD	id:	CNNVD-201805-972	Trust: 0.7
db:	VULHUB	id:	VHN-135272	Trust: 0.1

sources: VULHUB: VHN-135272 // BID: 104282 // JVNDB: JVNDB-2018-005793 // CNNVD: CNNVD-201805-972 // NVD: CVE-2018-5241

REFERENCES

url:	https://www.symantec.com/security-center/network-protection-security-advisories/sa167	Trust: 2.0
url:	http://www.securityfocus.com/bid/104282	Trust: 1.7
url:	http://www.securitytracker.com/id/1040993	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5241	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5241	Trust: 0.8
url:	http://www.symantec.com	Trust: 0.3

sources: VULHUB: VHN-135272 // BID: 104282 // JVNDB: JVNDB-2018-005793 // CNNVD: CNNVD-201805-972 // NVD: CVE-2018-5241

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104282

SOURCES

db:	VULHUB	id:	VHN-135272
db:	BID	id:	104282
db:	JVNDB	id:	JVNDB-2018-005793
db:	CNNVD	id:	CNNVD-201805-972
db:	NVD	id:	CVE-2018-5241

LAST UPDATE DATE

2024-11-23T22:55:52.810000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-135272	date:	2021-07-08T00:00:00
db:	BID	id:	104282	date:	2018-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2018-005793	date:	2018-07-30T00:00:00
db:	CNNVD	id:	CNNVD-201805-972	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-5241	date:	2024-11-21T04:08:24.510

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-135272	date:	2018-05-29T00:00:00
db:	BID	id:	104282	date:	2018-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2018-005793	date:	2018-07-30T00:00:00
db:	CNNVD	id:	CNNVD-201805-972	date:	2018-05-30T00:00:00
db:	NVD	id:	CVE-2018-5241	date:	2018-05-29T13:29:00.617