Security vulnerability fixes for Symantec VIP Enterprise Gateway
search cancel

Security vulnerability fixes for Symantec VIP Enterprise Gateway

book

Article ID: 164555

calendar_today

Updated On: 10-05-2023

Products

VIP Service

Issue/Introduction

Learn about the security vulnerability fixes for VIP Enterprise Gateway (VIP EG).

Also see the VIP documentation page.

Resolution

VIP Enterprise Gateway 9.10.2

Vulnerabilities

  • Cross SITE SCRIPTING (URL sanitation check)
  • Using component with known (Jetty server upgrade)
  • Cross Site Request Forgery (also named as 'Replay attack') The password can be captured from this vulnerability.

Solution:

Planned in VIP EG 9.11 release.

Attachments

weakciphers.properties get_app
VIP_EG_Windows.zip get_app
VIP_EG_Linux_2.zip get_app
VIP_EG_Linux _1.zip get_app
blacklistedProtocols.properties get_app
Powered by Wolken Software