Vulnerability Details : CVE-2021-30648
The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.
Vulnerability category: Bypass, Gain privilege
Products affected by CVE-2021-30648
- cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*
- Broadcom » Symantec Advanced Secure Gateway S200-30 Firmware: versions from including (>=) 6.7.5.0 and before (<) 6.7.5.12 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S200-30 Firmware: versions from including (>=) 7.2 and before (<) 7.2.7.2 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S200-30 Firmware: versions from including (>=) 6.6 and before (<) 6.7.4.17 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S200-30 Firmware: versions from including (>=) 7.3 and before (<) 7.3.3.3 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S200-40 Firmware: versions from including (>=) 6.6 and before (<) 6.7.4.17 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S200-40 Firmware: versions from including (>=) 7.3 and before (<) 7.3.3.3 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S200-40 Firmware: versions from including (>=) 6.7.5.0 and before (<) 6.7.5.12 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S200-40 Firmware: versions from including (>=) 7.2 and before (<) 7.2.7.2 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s200-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-20 Firmware: versions from including (>=) 6.7.5.0 and before (<) 6.7.5.12 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-20_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-20 Firmware: versions from including (>=) 7.3 and before (<) 7.3.3.3 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-20_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-20 Firmware: versions from including (>=) 7.2 and before (<) 7.2.7.2 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-20_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-20 Firmware: versions from including (>=) 6.6 and before (<) 6.7.4.17 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-20_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-30 Firmware: versions from including (>=) 6.7.5.0 and before (<) 6.7.5.12 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-30 Firmware: versions from including (>=) 7.2 and before (<) 7.2.7.2 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-30 Firmware: versions from including (>=) 6.6 and before (<) 6.7.4.17 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-30 Firmware: versions from including (>=) 7.3 and before (<) 7.3.3.3 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-30_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-40 Firmware: versions from including (>=) 6.7.5.0 and before (<) 6.7.5.12 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-40 Firmware: versions from including (>=) 7.2 and before (<) 7.2.7.2 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-40 Firmware: versions from including (>=) 6.6 and before (<) 6.7.4.17 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S400-40 Firmware: versions from including (>=) 7.3 and before (<) 7.3.3.3 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s400-40_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway 500-10 Firmware: versions from including (>=) 6.6 and before (<) 6.7.4.17 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_500-10_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway 500-10 Firmware: versions from including (>=) 7.3 and before (<) 7.3.3.3 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_500-10_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway 500-10 Firmware: versions from including (>=) 7.2 and before (<) 7.2.7.2 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_500-10_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway 500-10 Firmware: versions from including (>=) 6.7.5.0 and before (<) 6.7.5.12 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_500-10_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S500-20 Firmware: versions from including (>=) 6.6 and before (<) 6.7.4.17 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s500-20_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S500-20 Firmware: versions from including (>=) 7.3 and before (<) 7.3.3.3 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s500-20_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S500-20 Firmware: versions from including (>=) 7.2 and before (<) 7.2.7.2 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s500-20_firmware:*:*:*:*:*:*:*:*)
- Broadcom » Symantec Advanced Secure Gateway S500-20 Firmware: versions from including (>=) 6.7.5.0 and before (<) 6.7.5.12 (cpe:2.3:o:broadcom:symantec_advanced_secure_gateway_s500-20_firmware:*:*:*:*:*:*:*:*)
Exploit prediction scoring system (EPSS) score for CVE-2021-30648
- 0.49%: probability of exploitation activity in the next 30 days
- ~64%: percentile, the proportion of vulnerabilities that are scored at or below this level
CVSS scores for CVE-2021-30648
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:C | 10.0 | 8.5 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
CWE ids for CVE-2021-30648
- When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-30648
- https://support.broadcom.com/security-advisory/content/security-advisories/0/SYMSA18331 (Broadcom Support Portal, Vendor Advisory)