CVE-2021-30648

The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.

Published: Jun 30, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-30648
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:N/C:P/I:P/A:C

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
broadcom / symantec_proxysg	7.3	7.3.3.3
broadcom / symantec_proxysg	7.2	7.2.7.2
broadcom / symantec_proxysg	6.5	6.5.10.16
broadcom / symantec_proxysg	6.6	6.6.5.19
broadcom / symantec_proxysg	6.7	6.7.5.12
broadcom / symantec_advanced_secure_gateway_s200-30_firmware	6.6	6.7.4.17
broadcom / symantec_advanced_secure_gateway_s200-30_firmware	6.7.5.0	6.7.5.12
broadcom / symantec_advanced_secure_gateway_s200-30_firmware	7.2	7.2.7.2
broadcom / symantec_advanced_secure_gateway_s200-30_firmware	7.3	7.3.3.3
broadcom / symantec_advanced_secure_gateway_s200-40_firmware	6.6	6.7.4.17
broadcom / symantec_advanced_secure_gateway_s200-40_firmware	6.7.5.0	6.7.5.12
broadcom / symantec_advanced_secure_gateway_s200-40_firmware	7.2	7.2.7.2
broadcom / symantec_advanced_secure_gateway_s200-40_firmware	7.3	7.3.3.3
broadcom / symantec_advanced_secure_gateway_s400-20_firmware	6.6	6.7.4.17
broadcom / symantec_advanced_secure_gateway_s400-20_firmware	6.7.5.0	6.7.5.12
broadcom / symantec_advanced_secure_gateway_s400-20_firmware	7.2	7.2.7.2
broadcom / symantec_advanced_secure_gateway_s400-20_firmware	7.3	7.3.3.3
broadcom / symantec_advanced_secure_gateway_s400-30_firmware	6.6	6.7.4.17
broadcom / symantec_advanced_secure_gateway_s400-30_firmware	6.7.5.0	6.7.5.12
broadcom / symantec_advanced_secure_gateway_s400-30_firmware	7.2	7.2.7.2
broadcom / symantec_advanced_secure_gateway_s400-30_firmware	7.3	7.3.3.3
broadcom / symantec_advanced_secure_gateway_s400-40_firmware	6.6	6.7.4.17
broadcom / symantec_advanced_secure_gateway_s400-40_firmware	6.7.5.0	6.7.5.12
broadcom / symantec_advanced_secure_gateway_s400-40_firmware	7.2	7.2.7.2
broadcom / symantec_advanced_secure_gateway_s400-40_firmware	7.3	7.3.3.3
broadcom / symantec_advanced_secure_gateway_500-10_firmware	6.6	6.7.4.17
broadcom / symantec_advanced_secure_gateway_500-10_firmware	6.7.5.0	6.7.5.12
broadcom / symantec_advanced_secure_gateway_500-10_firmware	7.2	7.2.7.2
broadcom / symantec_advanced_secure_gateway_500-10_firmware	7.3	7.3.3.3
broadcom / symantec_advanced_secure_gateway_s500-20_firmware	6.6	6.7.4.17
broadcom / symantec_advanced_secure_gateway_s500-20_firmware	6.7.5.0	6.7.5.12
broadcom / symantec_advanced_secure_gateway_s500-20_firmware	7.2	7.2.7.2
broadcom / symantec_advanced_secure_gateway_s500-20_firmware	7.3	7.3.3.3

https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331

Vulnerability Database

289,697

CVE-2021-30648