CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2015-8597
https://notcve.org/view.php?id=CVE-2015-8597
08 Jan 2016 — Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%." Vulnerabilidad de redirección abierta en Blue Coat ProxySG 6.5 en versiones anteriores a 6.5.8.8 y 6.6 y Advanced Secure Gateway (... • http://knowitsecure.se/2015/12/18/knowit-secure-sakrar-bluecoat •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2013-5959
https://notcve.org/view.php?id=CVE-2013-5959
28 Sep 2013 — Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests. Blue Coat ProxySG anteriores a 6.2.14.1, 6.3.x, 6.4.x, y 6.5 (anteriores a 6.5.2) permite a atacantes remotos causar una denegación de servicio (consumo de memoria y conexiones interrumpidas) a través de un href recursivo en una página ... • http://osvdb.org/97767 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 52EXPL: 0CVE-2010-5189
https://notcve.org/view.php?id=CVE-2010-5189
26 Aug 2012 — Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session. Blue Coat ProxySG before SGOS v4.3.4.1, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.1.1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios CLI mediante el aprovechamiento de los ... • https://kb.bluecoat.com/index?page=content&id=SA45 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 52EXPL: 0CVE-2010-5190
https://notcve.org/view.php?id=CVE-2010-5190
26 Aug 2012 — The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities. La funcionalidad Active Content Transformation en Blue Coat ProxySG anterior a SGOS v4.3.4.2, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.2.1 permite a atacantes remotos saltarse la detección JavaScript a través de entidades... • https://kb.bluecoat.com/index?page=content&id=SA48 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 52EXPL: 0CVE-2010-5192
https://notcve.org/view.php?id=CVE-2010-5192
26 Aug 2012 — Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Java Management Console en Blue Coat ProxySG anterior a SGOS v4.3.4.1, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.1.1... • http://secunia.com/advisories/41695 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 70%CPEs: 13EXPL: 1CVE-2011-5124 – Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-5124
26 Aug 2012 — Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp). Desbordamiento de búfer basado en pila en el componente BCAAA anterior a build 60258, cuando es usado por Blue Coat ProxySG v4.2.3 hasta v6.1 y ProxyOne, permite a atacantes remotos ejecutar código arbitrario a través de un paquete de gran tamaño en la sincronización co... • https://www.exploit-db.com/exploits/17513 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •