漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, ASG and ProxySG incorrectly handle XML nodes with comments. A remote attacker can modify a valid SAML response without invalidating its cryptographic signature. This may allow the attacker to bypass user authentication security controls in ASG and ProxySG. This vulnerability only affects authentication of network users in intercepted traffic. It does not affect administrator user authentication for the ASG and ProxySG management consoles.
漏洞信息
N/A
漏洞
N/A
漏洞
Symantec Advanced Secure Gateway和ProxySG 安全漏洞
漏洞信息
Symantec Advanced Secure Gateway(ASG)和ProxySG都是美国赛门铁克(Symantec)公司的安全网关设备。 Symantec ASG和ProxySG中存在身份验证绕过漏洞。远程攻击者可利用该漏洞修改有效的SAML响应并保持响应加密签名有效,从而绕过ASG和ProxySG中身份验证的安全控制。以下产品和版本受到影响:Symantec Advanced Secure Gateway 6.6版本,6.7版本;ProxySG 6.5版本,6.6版本,6.7版本。
漏洞信息
N/A
漏洞
N/A