{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T09:02:14.100","vulnerabilities":[{"cve":{"id":"CVE-2016-9099","sourceIdentifier":"secure@symantec.com","published":"2017-05-11T14:30:16.407","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site."},{"lang":"es","value":"Advanced Secure Gateway (ASG) versión 6.6, ASG versiones 6.7 anteriores a 6.7.2.1, ProxySG versiones 6.5 anteriores a 6.5.10.6, ProxySG versión 6.6 y ProxySG versiones 6.7 anteriores a 6.7.2.1 de Symantec, son susceptibles a una vulnerabilidad de redireccionamiento abierto. Un atacante remoto puede usar una URL diseñada de la consola de administración en un ataque de phishing para redireccionar al usuario destino hacia un sitio web malicioso."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:advanced_secure_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.7.2.1","matchCriteriaId":"08D3C0DC-195F-4035-805E-CDF610BC782E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.5.10.6","matchCriteriaId":"6EB38BF8-32F4-45F5-8681-60BE4A209EF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*","matchCriteriaId":"A541B285-4265-4AED-80FC-AE02C1372645"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*","matchCriteriaId":"004F99F2-E750-4FC5-A2A6-65FD1C918676"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.7.2.1","matchCriteriaId":"D80D6174-972A-4E47-ABAA-1B53D03221E7"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/102455","source":"secure@symantec.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040138","source":"secure@symantec.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA155","source":"secure@symantec.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/102455","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040138","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA155","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}