Command Injection Vulnerability in Advanced Secure Gateway by Broadcom
CVE-2023-23952

9.8CRITICAL

Key Information:

Vendor: Broadcom
Status: Advanced Secure Gateway, Content Analysis
Vendor: CVE Published:; 1 June 2023

What is CVE-2023-23952?

The Advanced Secure Gateway and Content Analysis solution from Broadcom is reported to have a command injection vulnerability in versions prior to 7.3.13.1 and 3.1.6.0. This vulnerability could allow an attacker to execute arbitrary commands on the underlying system, potentially leading to unauthorized access or manipulation of system resources. It is crucial for organizations using affected versions to apply the necessary updates to mitigate risks and enhance the security posture of their networks.

Affected Version(s)

Advanced Secure Gateway, Content Analysis 7.3.13.1, 3.1.6.0

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2023
Vulnerability Reserved
Jan 19, 2023