ID
VAR-201008-0399
TITLE
Blue Coat ProxySG Privilege Restricted Remote Security Bypass Vulnerability
Trust: 0.6
DESCRIPTION
Blue Coat ProxySG is a proxy device platform that helps organizations accelerate and protect applications in distributed networks. An administrator limit value with only read permissions allows a small number of commands to be run, the ProxySG configuration cannot be changed, and the commands entered in the management console and CLI are restricted in the ProxySG. An attacker can send commands through an HTTPS URL, bypassing permission restrictions, and allowing administrators with only read permissions to execute all administrator commands. Blue Coat ProxySG is prone to a remote security-bypass vulnerability. A successful attack will result in the complete compromise of an affected appliance. This issue affects the following versions: Blue Coat ProxySG 5.5 Blue Coat ProxySG 5.4 Blue Coat ProxySG 5.3 Blue Coat ProxySG 4.3 Blue Coat ProxySG 4.2
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | blue coat | model: | proxysg | scope: | eq | version: | 4.2 | Trust: 0.6 |
| vendor: | blue coat | model: | proxysg | scope: | eq | version: | 4.3 | Trust: 0.6 |
| vendor: | blue | model: | coat systems proxysg | scope: | eq | version: | 5.5 | Trust: 0.3 |
| vendor: | blue | model: | coat systems proxysg | scope: | eq | version: | 5.4 | Trust: 0.3 |
| vendor: | blue | model: | coat systems proxysg | scope: | eq | version: | 5.3 | Trust: 0.3 |
| vendor: | blue | model: | coat systems proxysg | scope: | eq | version: | 4.3 | Trust: 0.3 |
| vendor: | blue | model: | coat systems proxysg | scope: | eq | version: | 4.2 | Trust: 0.3 |
| vendor: | blue | model: | coat systems proxysg | scope: | ne | version: | 5.5.3.1 | Trust: 0.3 |
THREAT TYPE
network
Trust: 0.3
TYPE
Design Error
Trust: 0.3
PATCH
| title: | Blue Coat ProxySG privilege restricts remote security bypass vulnerability patches | url: | https://www.cnvd.org.cn/patchinfo/show/828 | Trust: 0.6 |
EXTERNAL IDS
| db: | BID | id: | 42490 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2010-1615 | Trust: 0.6 |
REFERENCES
| url: | https://kb.bluecoat.com/index?page=content&id=sa45http | Trust: 0.6 |
| url: | http://www.bluecoat.com/products/sg | Trust: 0.3 |
| url: | http://www.bluecoat.com | Trust: 0.3 |
| url: | https://kb.bluecoat.com/index?page=content&id=sa45 | Trust: 0.3 |
CREDITS
Thierry Zoller
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2010-1615 |
| db: | BID | id: | 42490 |
LAST UPDATE DATE
2022-05-17T01:45:43.336000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2010-1615 | date: | 2010-08-18T00:00:00 |
| db: | BID | id: | 42490 | date: | 2010-08-16T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2010-1615 | date: | 2010-08-18T00:00:00 |
| db: | BID | id: | 42490 | date: | 2010-08-16T00:00:00 |