CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2016-6594
https://notcve.org/view.php?id=CVE-2016-6594
08 Jun 2017 — Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning. Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG versiones 6.5 y 6.6 permite a los atacantes remotos evitar las solicitudes bloqueadas, la autenticación del usuario y el escaneo de la carga útil. • http://www.securityfocus.com/bid/91404 • CWE-254: 7PK - Security Features •
CVSS: 5.9EPSS: 0%CPEs: 32EXPL: 0CVE-2016-10259
https://notcve.org/view.php?id=CVE-2016-10259
11 Apr 2017 — Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server. Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 anterior a 3.10.4.1 y versiones 3.11 anteriores a la 3.11.3.1 es susceptible a una vulnerabilidad de denegación de servicio (DoS) que imp... • http://www.securityfocus.com/bid/97525 • CWE-399: Resource Management Errors •
CVSS: 9.0EPSS: 36%CPEs: 2EXPL: 3CVE-2016-9091 – Bluecoat ASG 6.6/CAS 1.3 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-9091
03 Apr 2017 — Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges. Blue Coat Advanced Security Gateway (ASG) 6.6 en versiones anteriores a 6.6.5.4 y el Sistema de Análisis de Contenido (CAS) 1.3 en versiones anteriores a 1.3.7.4 son susceptibles a una vulnerabilidad de inyección de comandos de OS. Un... • https://packetstorm.news/files/id/141909 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2015-8597
https://notcve.org/view.php?id=CVE-2015-8597
08 Jan 2016 — Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%." Vulnerabilidad de redirección abierta en Blue Coat ProxySG 6.5 en versiones anteriores a 6.5.8.8 y 6.6 y Advanced Secure Gateway (... • http://knowitsecure.se/2015/12/18/knowit-secure-sakrar-bluecoat •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8482
https://notcve.org/view.php?id=CVE-2015-8482
07 Dec 2015 — Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors. Blue Coat Unified Agent en versiones anteriores a 4.6.2 no impide la modificación de sus archivos de configuración cuando se ejecuta en modo local enforcement, lo que permite a administradores locales desbloquear categorías o deshabilitar el agente a través de vectores no esp... • https://bto.bluecoat.com/security-advisory/sa102 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1454
https://notcve.org/view.php?id=CVE-2015-1454
02 Feb 2015 — Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate. Blue Coat ProxyClient anterior a 3.3.3.3 y 3.4.x anterior a 3.4.4.10 y Unified Agent anterior a 4.1.3.151952 no validan correctamente ciertos certificados, lo que permite a atacante... • http://secunia.com/advisories/62617 • CWE-310: Cryptographic Issues •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2565
https://notcve.org/view.php?id=CVE-2014-2565
30 Apr 2014 — The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection." La interfaz commandline en Blue Coat Content Analysis System (CAS) 1.1 anterior a 1.1.4.2 permite a administradores remotos ejecutar comandos arbitrarios a través de vectores no especificados, relacionado con "inyección de comandos." • https://kb.bluecoat.com/index?page=content&id=SA78&actp=LIST • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.9EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2033
https://notcve.org/view.php?id=CVE-2014-2033
02 Mar 2014 — The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials. La funcionalidad de cacheo en SGOS en Blue Coat ProxySG 5.5 hasta 5.5.11.3, 6.1 hasta 6.1.6.3, 6.2 hasta 6.2.15.3, 6.4 hasta 6.4.6.1 y 6.3 y 6.5 anterior a 6.... • http://www.kb.cert.org/vuls/id/221620 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2013-5959
https://notcve.org/view.php?id=CVE-2013-5959
28 Sep 2013 — Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests. Blue Coat ProxySG anteriores a 6.2.14.1, 6.3.x, 6.4.x, y 6.5 (anteriores a 6.5.2) permite a atacantes remotos causar una denegación de servicio (consumo de memoria y conexiones interrumpidas) a través de un href recursivo en una página ... • http://osvdb.org/97767 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 52EXPL: 0CVE-2010-5189
https://notcve.org/view.php?id=CVE-2010-5189
26 Aug 2012 — Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session. Blue Coat ProxySG before SGOS v4.3.4.1, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.1.1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios CLI mediante el aprovechamiento de los ... • https://kb.bluecoat.com/index?page=content&id=SA45 • CWE-264: Permissions, Privileges, and Access Controls •