Server-Side Request Forgery Vulnerability in Broadcom Advanced Secure Gateway
CVE-2023-23955

8.1HIGH

Key Information:

Vendor: Broadcom
Status: Advanced Secure Gateway, Content Analysis
Vendor: CVE Published:; 1 June 2023

What is CVE-2023-23955?

The Advanced Secure Gateway and Content Analysis products from Broadcom are vulnerable to a Server-Side Request Forgery (SSRF) issue. This vulnerability may allow an attacker to send unauthorized commands or requests through the server, potentially compromising sensitive information. This issue affects several versions of the products, necessitating prompt remediation to secure the affected systems.

Affected Version(s)

Advanced Secure Gateway, Content Analysis 7.3.13.1, 3.1.6..0

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2023
Vulnerability Reserved
Jan 19, 2023