SA149: CSRF Vulnerability in CA and MTD
SUMMARY
The Symantec Content Analysis (CA) and Mail Threat Defense (MTD) management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user.
AFFECTED PRODUCTS
| Content Analysis (CA) | ||
|---|---|---|
| CVE | Affected Version(s) | Remediation |
| All CVEs | 2.2 and later | Not vulnerable, full fix available in 2.2.1.1. |
| 2.1 | Partial fix available in 2.1.1.1. | |
| 1.3 | Partial fix avaialble in 1.3.7.3. | |
| Mail Threat Defense (MTD) | ||
|---|---|---|
| CVE | Affected Version(s) | Remediation |
| All CVEs | 1.1 | Upgrade to CA 2.2 (or later) and SMG 10.6.3 (or later) |
ADDITIONAL PRODUCT INFORMATION
Only the CA management console is affected. The CA management console web browser client application in CA 1.3.7.3 and 2.1.1.1 opt-ins to use CSRF protection. The full fix in CA 2.2 requires CSRF protection for all CA management console clients.
MTD has been obsoleted by CA and the Symantec Messaging Gateway (SMG). Symantec recommends that MTD customers transition to CA 2.2 (or above) and SMG 10.6.3 (or above) to get the latest functionality and vulnerability fixes.
ISSUES
| CVE-2016-9092 | |
|---|---|
| Severity / CVSSv2 | High / 8.3 (AV:N/AC:M/Au:N/C:P/I:P/A:C) |
| References | NVD: CVE-2016-9092 |
| Impact | Cross-site request forgery (CSRF) |
| Description | A remote, unauthenticated attacker can target an authenticated administrator user with phishing or other social engineering techniques, and trick them into clicking on a malicious link or visiting a malicious site. This allows the attacker to access the management console with the privileges of the authenticated user. |
ACKNOWLEDGEMENTS
Thanks to Peter Paccione, Chris Hebert, and Corey Boyd for reporting this vulnerability.
REVISION
2018-05-17 initial public release