CVSS: 9.3EPSS: 0%CPEs: 52EXPL: 0CVE-2010-5189
https://notcve.org/view.php?id=CVE-2010-5189
26 Aug 2012 — Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session. Blue Coat ProxySG before SGOS v4.3.4.1, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.1.1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios CLI mediante el aprovechamiento de los ... • https://kb.bluecoat.com/index?page=content&id=SA45 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 52EXPL: 0CVE-2010-5190
https://notcve.org/view.php?id=CVE-2010-5190
26 Aug 2012 — The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities. La funcionalidad Active Content Transformation en Blue Coat ProxySG anterior a SGOS v4.3.4.2, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.2.1 permite a atacantes remotos saltarse la detección JavaScript a través de entidades... • https://kb.bluecoat.com/index?page=content&id=SA48 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 52EXPL: 0CVE-2010-5192
https://notcve.org/view.php?id=CVE-2010-5192
26 Aug 2012 — Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Java Management Console en Blue Coat ProxySG anterior a SGOS v4.3.4.1, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.1.1... • http://secunia.com/advisories/41695 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2011-5126
https://notcve.org/view.php?id=CVE-2011-5126
26 Aug 2012 — Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read access to a downloaded core file. Blue Coat ProxySG v6.1 anterior a SGOS v6.1.5.1 y a v6.2.2.1 6.2 escribe el montón segura de las imágenes centrales, lo que permite a atacantes dependientes de contexto para obtener información confidencial de autenticación mediante el aprovechamiento de acceso ... • https://kb.bluecoat.com/index?page=content&id=SA56 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0578
https://notcve.org/view.php?id=CVE-2006-0578
08 Feb 2006 — Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters. Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 no impone reglas CONNECT cuando se usa Deep Content Inspection, lo que permite a atacantes remotos evitar filtros de conexión. • http://secunia.com/advisories/18622 •