CVE-2016-10258 in Symantec and Broadcom Products
Published on April 11, 2018

Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.

NVD

Products Associated with CVE-2016-10258

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2016-10258 are published in these products:

Symantec Advanced Secure Gateway

Broadcom Symantec Proxysg

Broadcom Advanced Secure Gateway

Affected Versions

Symantec Corporation Advanced Secure Gateway (ASG):

Version 6.6 prior to 6.6.5.14 is affected.
Version 6.7 prior to 6.7.3.1 is affected.

Symantec Corporation ProxySG:

Version 6.5 prior to 6.5.10.8 is affected.
Version 6.6 prior to 6.6.5.14 is affected.
Version 6.7 prior to 6.7.3.1 is affected.

Exploit Probability

EPSS

10.46%

Percentile

93.12%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-10258 in Symantec and Broadcom ProductsPublished on April 11, 2018

Products Associated with CVE-2016-10258

Affected Versions

Exploit Probability

CVE-2016-10258 in Symantec and Broadcom Products
Published on April 11, 2018