Vulnerabilities > Broadcom > Advanced Secure Gateway

DATE CVE VULNERABILITY TITLE RISK
2023-06-01 CVE-2023-23952 Command Injection vulnerability in Broadcom Advanced Secure Gateway and Content Analysis
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability.
network
low complexity
broadcom CWE-77
critical
9.8
2023-06-01 CVE-2023-23953 Unspecified vulnerability in Broadcom Advanced Secure Gateway and Content Analysis
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability.
local
low complexity
broadcom
7.8
2023-06-01 CVE-2023-23954 Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Content Analysis
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability.
network
low complexity
broadcom CWE-79
5.4
2023-06-01 CVE-2023-23955 Server-Side Request Forgery (SSRF) vulnerability in Broadcom Advanced Secure Gateway and Content Analysis
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability.
network
low complexity
broadcom CWE-918
8.1
2022-07-07 CVE-2021-46825 HTTP Request Smuggling vulnerability in Broadcom Advanced Secure Gateway and Proxysg
Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability.
network
low complexity
broadcom CWE-444
critical
9.1
2020-04-10 CVE-2019-18375 Unspecified vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
The ASG and ProxySG management consoles are susceptible to a session hijacking vulnerability.
network
low complexity
broadcom
6.5
2019-08-30 CVE-2018-18371 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser.
network
low complexity
broadcom CWE-327
6.5
2019-08-30 CVE-2018-18370 Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser.
network
low complexity
broadcom CWE-79
6.1
2018-05-29 CVE-2018-5241 Unspecified vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability.
network
low complexity
broadcom
critical
9.8
2018-04-11 CVE-2017-13678 Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles.
network
low complexity
broadcom CWE-79
4.8