Details of VAR-201704-0089

ID

VAR-201704-0089

CVE

CVE-2016-10259

TITLE

SSL Visibility Appliance may generate illegal RST packets

Trust: 0.8

sources: JVNDB: JVNDB-2017-000099

DESCRIPTION

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server. SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web server behind the appliance fails to treat these incorrect RST packets, it keeps the encrypted session indefinitely. This behavior may be used to cause a denial-of-service (DoS) condition on the server side. According to the developer, this issue does not affect the appliance. NTT-ME CORPORATION Cyber Security Center reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A denial-of-service (DoS) attack to a server may be conducted by an unauthenticated remote attacker. ** Delete ** This case JVNDB-2017-000099 It was removed because it was found to be duplicated. below JVNDB-2017-000099 Please refer to. ■JVNDB-2017-000099 (JVN#91438377) * http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000099.html plural Blue Coat SSL Visibility The product contains a resource management vulnerability.Service operation interruption (DoS) An attack may be carried out. Attackers can exploit this issue to cause TCP connection pool exhaustion, leading to a denial-of-service condition. It supports adding SSL inspection functions to advanced threat protection solutions and existing network security architectures. A denial of service vulnerability exists in Blue Coat SSLV 3.x prior to 3.11.3.1

Trust: 2.7

sources: NVD: CVE-2016-10259 // JVNDB: JVNDB-2017-000099 // JVNDB: JVNDB-2017-003118 // BID: 97525 // VULHUB: VHN-89017

AFFECTED PRODUCTS

vendor:	bluecoat	model:	ssl visibility appliance sv3800	scope:	eq	version:	3.11.1.1	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv3800	scope:	eq	version:	3.11.1.2	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv2800	scope:	eq	version:	3.11.1.1	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv2800	scope:	eq	version:	3.11.2.1	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv2800	scope:	eq	version:	3.10	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv2800	scope:	eq	version:	3.8.4	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv2800	scope:	eq	version:	3.11.1.2	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv2800	scope:	eq	version:	3.11	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv2800	scope:	eq	version:	3.9	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv3800	scope:	eq	version:	3.11.2.1	Trust: 1.6
vendor:	bluecoat	model:	ssl visibility appliance sv800	scope:	eq	version:	3.11.2.1	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv1800	scope:	eq	version:	3.8.4	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv800	scope:	eq	version:	3.11.1.1	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv3800	scope:	eq	version:	3.9	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv3800	scope:	eq	version:	3.11	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv800	scope:	eq	version:	3.9	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv800	scope:	eq	version:	3.11	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv3800	scope:	eq	version:	3.10	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv1800	scope:	eq	version:	3.11.2.1	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv3800	scope:	eq	version:	3.8.4	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv800	scope:	eq	version:	3.10	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv800	scope:	eq	version:	3.11.1.2	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv1800	scope:	eq	version:	3.11.1.1	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv800	scope:	eq	version:	3.8.4	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv1800	scope:	eq	version:	3.9	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv1800	scope:	eq	version:	3.11	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv1800	scope:	eq	version:	3.10	Trust: 1.0
vendor:	bluecoat	model:	ssl visibility appliance sv1800	scope:	eq	version:	3.11.1.2	Trust: 1.0
vendor:	blue coat	model:	ssl visibility appliance	scope:	eq	version:	3.8.4fc, 3.9, 3.10, and 3.11 prior to 3.11.3.1	Trust: 0.8
vendor:	blue coat	model:	ssl visibility appliance sv1800	scope:	-	version:	-	Trust: 0.8
vendor:	blue coat	model:	ssl visibility appliance sv2800	scope:	-	version:	-	Trust: 0.8
vendor:	blue coat	model:	ssl visibility appliance sv3800	scope:	-	version:	-	Trust: 0.8
vendor:	blue coat	model:	ssl visibility appliance sv800	scope:	-	version:	-	Trust: 0.8
vendor:	bluecoat	model:	ssl visibility 3.8.4fc	scope:	-	version:	-	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	eq	version:	3.8	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	eq	version:	3.6	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	ne	version:	3.11.3.1	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	eq	version:	3.11	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	eq	version:	3.7	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	eq	version:	3.10	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	eq	version:	3.9	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility	scope:	eq	version:	3.9.4.1	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility 3.8.2f	scope:	-	version:	-	Trust: 0.3
vendor:	bluecoat	model:	ssl visibility 3.8fc	scope:	-	version:	-	Trust: 0.3

sources: BID: 97525 // JVNDB: JVNDB-2017-000099 // JVNDB: JVNDB-2017-003118 // CNNVD: CNNVD-201703-1029 // NVD: CVE-2016-10259

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-10259
value:	MEDIUM
Trust: 1.0
IPA:	JVNDB-2017-000099
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201703-1029
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-89017
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-10259
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
IPA:	JVNDB-2017-000099
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-89017
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-10259
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.0
Trust: 1.0
IPA:	JVNDB-2017-000099
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-89017 // JVNDB: JVNDB-2017-000099 // CNNVD: CNNVD-201703-1029 // NVD: CVE-2016-10259

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-89017 // JVNDB: JVNDB-2017-000099 // JVNDB: JVNDB-2017-003118 // NVD: CVE-2016-10259

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1029

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201703-1029

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-000099

PATCH

title:	SA142: Invalid TCP Packet Generation DoS in SSL Visibility	url:	https://www.symantec.com/security-center/network-protection-security-advisories/SA142	Trust: 0.8
title:	SA142	url:	https://bto.bluecoat.com/security-advisory/sa142	Trust: 0.8

sources: JVNDB: JVNDB-2017-000099 // JVNDB: JVNDB-2017-003118

EXTERNAL IDS

db:	NVD	id:	CVE-2016-10259	Trust: 3.6
db:	BID	id:	97525	Trust: 1.4
db:	JVN	id:	JVN91438377	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-000099	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-003118	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-1029	Trust: 0.7
db:	VULHUB	id:	VHN-89017	Trust: 0.1

sources: VULHUB: VHN-89017 // BID: 97525 // JVNDB: JVNDB-2017-000099 // JVNDB: JVNDB-2017-003118 // CNNVD: CNNVD-201703-1029 // NVD: CVE-2016-10259

REFERENCES

url:	https://bto.bluecoat.com/security-advisory/sa142	Trust: 2.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10259	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2016-10259	Trust: 1.6
url:	http://www.securityfocus.com/bid/97525	Trust: 1.1
url:	https://www.symantec.com/security-center/network-protection-security-advisories/sa142	Trust: 1.1
url:	http://jvn.jp/en/jp/jvn91438377/index.html	Trust: 0.8
url:	https://www.bluecoat.com/	Trust: 0.3

sources: VULHUB: VHN-89017 // BID: 97525 // JVNDB: JVNDB-2017-000099 // JVNDB: JVNDB-2017-003118 // CNNVD: CNNVD-201703-1029 // NVD: CVE-2016-10259

CREDITS

NTT-ME Corporation Security Team.

Trust: 0.3

sources: BID: 97525

SOURCES

db:	VULHUB	id:	VHN-89017
db:	BID	id:	97525
db:	JVNDB	id:	JVNDB-2017-000099
db:	JVNDB	id:	JVNDB-2017-003118
db:	CNNVD	id:	CNNVD-201703-1029
db:	NVD	id:	CVE-2016-10259

LAST UPDATE DATE

2025-04-20T23:37:57.735000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-89017	date:	2018-02-24T00:00:00
db:	BID	id:	97525	date:	2017-04-11T00:05:00
db:	JVNDB	id:	JVNDB-2017-000099	date:	2017-05-31T00:00:00
db:	JVNDB	id:	JVNDB-2017-003118	date:	2017-05-24T00:00:00
db:	CNNVD	id:	CNNVD-201703-1029	date:	2017-05-18T00:00:00
db:	NVD	id:	CVE-2016-10259	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-89017	date:	2017-04-11T00:00:00
db:	BID	id:	97525	date:	2017-04-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-000099	date:	2017-05-24T00:00:00
db:	JVNDB	id:	JVNDB-2017-003118	date:	2017-05-16T00:00:00
db:	CNNVD	id:	CNNVD-201703-1029	date:	2017-03-24T00:00:00
db:	NVD	id:	CVE-2016-10259	date:	2017-04-11T14:59:00.163