← voltar
CVE-2016-10257

CVE-2016-10257

EPSS 1.5%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
10 jan 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10256.
Produtos afetados
Symantec Corporation · ASGSymantec Corporation · ProxySG

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.symantec.com/security-center/network-protection-security-advisories/SA155http://www.securityfocus.com/bid/102447http://www.securitytracker.com/id/1040138