CVE-2015-2852
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD
Description
Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators.
Affected (4)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 3.8.3 |
| Running on/with | Platform Versions |
|---|---|
Blue Coat Ssl Visibility Appliance Sv2800 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 3.8.3 |
| Running on/with | Platform Versions |
|---|---|
Blue Coat Ssl Visibility Appliance Sv1800 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 3.8.3 |
| Running on/with | Platform Versions |
|---|---|
Blue Coat Ssl Visibility Appliance Sv3800 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 3.8.3 |
| Running on/with | Platform Versions |
|---|---|
Blue Coat Ssl Visibility Appliance Sv800 | All versions |
References (6)
Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.