Bluecoat

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-6594 1Bluecoat 3Advanced Secure Gateway CacheflowProxysg May 13, 2026 Jun 8, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning.
CVE-2016-10259 1Bluecoat 4Ssl Visibility Appliance Sv1800 Firmware Ssl Visibility Appliance Sv2800 FirmwareSsl Visibility Appliance Sv3800 Firmware+1 more May 13, 2026 Apr 11, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SS...Show more Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server.Show less
CVE-2016-9091 1Bluecoat 2Advanced Secure Gateway Content Analysis System Software May 13, 2026 Apr 5, 2017 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execu...Show more Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges.Show less
CVE-2015-8597 1Bluecoat 2Advanced Secure Gateway Proxysg May 6, 2026 Jan 8, 2016 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a b...Show more Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%."Show less
CVE-2015-8482 1Bluecoat 1Unified Agent May 6, 2026 Dec 7, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspe...Show more Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors.Show less
CVE-2015-1454 1Bluecoat 2Proxyclient Unified Agent May 6, 2026 Feb 2, 2015 N/A· v4 N/A· v3 7.1 HIGH· v2 Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Manag...Show more Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate.Show less
CVE-2014-2565 1Bluecoat 2Content Analysis System Content Analysis System Software May 6, 2026 Apr 30, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection."
CVE-2014-2033 1Bluecoat 1Proxysgos Apr 29, 2026 Mar 2, 2014 N/A· v4 N/A· v3 7.9 HIGH· v2 The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended acc...Show more The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials.Show less
CVE-2013-5959 1Bluecoat 2Proxysg Proxysgos Apr 29, 2026 Sep 28, 2013 N/A· v4 N/A· v3 7.1 HIGH· v2 Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers...Show more Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests.Show less
CVE-2011-5127 1Bluecoat 1Reporter Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary c...Show more Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.Show less
CVE-2011-5126 1Bluecoat 1Sgos Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read acce...Show more Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read access to a downloaded core file.Show less
CVE-2011-5125 1Bluecoat 1Director Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method.
CVE-2011-5124 1Bluecoat 2Proxyone Proxysg Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronizat...Show more Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp).Show less
CVE-2010-5192 1Bluecoat 16Proxysg Proxysg Sg210 10Proxysg Sg210 25+13 more Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to i...Show more Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2010-5191 1Bluecoat 2Avos Proxyav Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password,...Show more Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password, (2) modify a policy, or (3) restart the device.Show less
CVE-2010-5190 1Bluecoat 16Proxysg Proxysg Sg210 10Proxysg Sg210 25+13 more Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detecti...Show more The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.Show less
CVE-2010-5189 1Bluecoat 16Proxysg Proxysg Sg210 10Proxysg Sg210 25+13 more Apr 29, 2026 Aug 26, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrat...Show more Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.Show less
CVE-2009-1211 1Bluecoat 19Proxysg Proxysg Sg210 10Proxysg Sg210 25+16 more Apr 23, 2026 Apr 1, 2009 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and prob...Show more Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.Show less
CVE-2008-4485 1Bluecoat 1Security Gateway Os Apr 23, 2026 Oct 8, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script...Show more Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL.Show less
CVE-2007-1685 1Bluecoat 1K9 Web Protection Apr 23, 2026 Jun 8, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long...Show more Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 2372.Show less

12 Next