How severe is CVE-2016-9097?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2016-9097?

This is classified as CWE-264, which is a common weakness in software security.

CVE-2016-9097 - HIGH Severity | CVSS 7.2

Vulnerability Description

The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.

Related Vulnerabilities

CVE-2015-5252

HIGH

CVSS:7.2(High)

vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended fi...

CWE-2642015

CVE-2016-2281

HIGH

CVSS:7.2(High)

Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CWE-2642016

CVE-2016-8494

HIGH

CVSS:7.2(High)

Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme.

CWE-2642016

CVE-2016-9871

HIGH

CVSS:7.2(High)

EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially b...

CWE-2642016

CVE-2018-0440

HIGH

CVSS:7.2(High)

A vulnerability in the web interface of Cisco Data Center Network Manager could allow an authenticated application administrator to execute commands on the underlying operating system with root-level ...

CWE-2642018

CVE-2018-13802

HIGH

CVSS:7.2(High)

A vulnerability has been identified in ROX II (All versions < V2.12.1). An authenticated attacker with a high-privileged user account access via SSH could circumvent restrictions in place and execute ...

CWE-2642018