CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 2CVE-2016-9091 – Bluecoat ASG 6.6/CAS 1.3 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-9091
Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges. Blue Coat Advanced Security Gateway (ASG) 6.6 en versiones anteriores a 6.6.5.4 y el Sistema de Análisis de Contenido (CAS) 1.3 en versiones anteriores a 1.3.7.4 son susceptibles a una vulnerabilidad de inyección de comandos de OS. Un administrador malicioso autenticado puede ejecutar comandos de OS arbitrarios con privilegios de sistema elevados. • https://www.exploit-db.com/exploits/41786 https://www.exploit-db.com/exploits/41785 http://www.securityfocus.com/bid/97372 https://bto.bluecoat.com/security-advisory/sa138 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2565
https://notcve.org/view.php?id=CVE-2014-2565
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection." La interfaz commandline en Blue Coat Content Analysis System (CAS) 1.1 anterior a 1.1.4.2 permite a administradores remotos ejecutar comandos arbitrarios a través de vectores no especificados, relacionado con "inyección de comandos." • https://kb.bluecoat.com/index?page=content&id=SA78&actp=LIST • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •