Support Content Notification - Support Portal

Advanced Secure Gateway and Content Analysis Security Update

Product/Component

ASG-S200

5 more products

Notification Id

22217

Last Updated

30 May 2023

Initial Publication Date

30 May 2023

Status

CLOSED

Severity

HIGH

CVSS Base Score

WorkAround

Affected CVE

Summary

Symantec, A Division of Broadcom has released updates to address issues that were discovered in the Advanced Secure Gateway (ASG) and Content Analysis (CAS) products.

Affected Product(s)

Advanced Secure Gateway
CVE	Affected Version(s)	Remediation
CVE-2023-23952 CVE-2023-23953 CVE-2023-23954 CVE-2023-23955	Prior to 7.3.13.1	Upgrade to 7.3.13.1 or later.

Content Analysis
CVE	Affected Version(s)	Remediation
CVE-2023-23952 CVE-2023-23953 CVE-2023-23954 CVE-2203-23955	Prior to 3.1.6.0	Upgrade to 3.1.6.0 or later.

Issue Details

CVE-2023-23952
Severity/CVSSv3:	High / 7.9 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References: Impact:	NVD: CVE-2023-23952 Command Injection
Description:	Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability.

CVE-2023-23953
Severity/CVSSv3:	High / 7.0 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References: Impact:	NVD: CVE-2023-23953 Elevation of Privilege
Description:	Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Elevation of Privilege vulnerability. .

CVE-2023-23954
Severity/CVSSv3:	Medium / 4.2 AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N
References: Impact:	NVD: CVE-2023-23954 Stored Cross-Site Scripting
Description:	Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability. .

CVE-2023-23955
Severity/CVSSv3:	Low / 2.2 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
References: Impact:	NVD: CVE-2023-23955 Server-Side Request Forgery
Description:	Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability.

Mitigation & Additional Information

The following product updates have been made available to customers to remediate these issues:

ASG 7.3.13.1
CAS 3.1.6.0

Symantec recommends the following measures to reduce risk of attack:

Restrict access to administrative or management systems to authorized privileged users.
Restrict remote access to trusted/authorized systems only.
Run under the principle of least privilege, where possible, to limit the impact of potential exploit.
Keep all operating systems and applications current with vendor patches.
Follow a multi-layered approach to security. At a minimum, run both firewall and anti-malware applications to provide multiple points of detection and protection for both inbound and outbound threats.
Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in the detection of attacks or malicious activity related to the exploitation of latent vulnerabilities.

Acknowledgements

CVE-2023-23952: Jerome NOKIN, NATO Cyber Security Centre

CVE-2023-23953: Jerome NOKIN and Jean-Michel Huguet, NATO Cyber Security Centre

CVE-2023-23954: Jerome NOKIN, NATO Cyber Security Centre

CVE-2023-23955: Jerome NOKIN, NATO Cyber Security Centre