CVE-2018-18370 - OpenCVE

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Broadcom	Advanced Secure Gateway Symantec Proxysg

Configuration 1 [-]

OR	cpe:2.3:a:broadcom:advanced_secure_gateway::::::::
	cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:::::::*
	cpe:2.3:a:broadcom:symantec_proxysg::::::::
	cpe:2.3:a:broadcom:symantec_proxysg::::::::
	cpe:2.3:a:broadcom:symantec_proxysg:6.6:::::::*

No data.

References

Link	Providers
https://support.symantec.com/us/en/article.SYMSA1472.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: symantec

Published: 2019-08-29T22:13:35

Updated: 2024-08-05T11:08:21.643Z

Reserved: 2018-10-15T00:00:00

Link: CVE-2018-18370

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-08-30T09:15:16.567

Modified: 2021-07-08T16:37:25.740

Link: CVE-2018-18370

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Symantec Advanced Secure Gateway (ASG)", "vendor": "Symantec Corporation", "versions": [{"status": "affected", "version": "6.6 and 6.7 prior to 6.7.4.2"}]}, {"product": "Symantec ProxySG", "vendor": "Symantec Corporation", "versions": [{"status": "affected", "version": "6.5 prior to 6.5.10.15"}, {"status": "affected", "version": "6.6"}, {"status": "affected", "version": "6.7 prior to 6.7.4.2"}]}], "descriptions": [{"lang": "en", "value": "The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2."}], "problemTypes": [{"descriptions": [{"description": "Cross-site-scripting (XSS)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-29T22:13:35", "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "shortName": "symantec"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.symantec.com/us/en/article.SYMSA1472.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@symantec.com", "ID": "CVE-2018-18370", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Symantec Advanced Secure Gateway (ASG)", "version": {"version_data": [{"version_value": "6.6 and 6.7 prior to 6.7.4.2"}]}}, {"product_name": "Symantec ProxySG", "version": {"version_data": [{"version_value": "6.5 prior to 6.5.10.15"}, {"version_value": "6.6"}, {"version_value": "6.7 prior to 6.7.4.2"}]}}]}, "vendor_name": "Symantec Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-site-scripting (XSS)"}]}]}, "references": {"reference_data": [{"name": "https://support.symantec.com/us/en/article.SYMSA1472.html", "refsource": "CONFIRM", "url": "https://support.symantec.com/us/en/article.SYMSA1472.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T11:08:21.643Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.symantec.com/us/en/article.SYMSA1472.html"}]}]}, "cveMetadata": {"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "assignerShortName": "symantec", "cveId": "CVE-2018-18370", "datePublished": "2019-08-29T22:13:35", "dateReserved": "2018-10-15T00:00:00", "dateUpdated": "2024-08-05T11:08:21.643Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:advanced_secure_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B599C2C-2345-4C48-A643-7E3248CD93CF", "versionEndExcluding": "6.7.4.2", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:advanced_secure_gateway:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "A541B285-4265-4AED-80FC-AE02C1372645", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "30763EE4-C79B-47A6-B2BB-6E94B2C9C467", "versionEndExcluding": "6.5.10.15", "versionStartIncluding": "6.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "83FFE68F-353C-441C-B924-6087631A0AF8", "versionEndExcluding": "6.7.4.2", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "004F99F2-E750-4FC5-A2A6-65FD1C918676", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2."}, {"lang": "es", "value": "El modo WebFTP del Proxy FTP de ASG/ProxySG, permite interceptar conexiones FTP donde un usuario accede a un servidor FTP por medio de una URL ftp:// en un navegador web. Una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en el modo WebFTP permite a un atacante remoto inyectar c\u00f3digo JavaScript malicioso en un listado web de ASG/ProxySG de un servidor FTP remoto. La explotaci\u00f3n de la vulnerabilidad requiere que el atacante sea capaz de cargar archivos especialmente dise\u00f1ados en el servidor FTP remoto. Versiones afectadas: ASG versi\u00f3n 6.6 y versiones 6.7 anteriores a 6.7.4.2; ProxySG versiones 6.5 anteriores a 6.5.10.15, 6.6 y versiones 6.7 anteriores a 6.7.4.2."}], "id": "CVE-2018-18370", "lastModified": "2021-07-08T16:37:25.740", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-30T09:15:16.567", "references": [{"source": "secure@symantec.com", "tags": ["Vendor Advisory"], "url": "https://support.symantec.com/us/en/article.SYMSA1472.html"}], "sourceIdentifier": "secure@symantec.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}