Lucene search

K
cve[email protected]CVE-2010-5189
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5189

2022-10-0316:21:03
CWE-264
web.nvd.nist.gov
20
blue coat proxysg
cve-2010-5189
command execution
remote authentication
nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.1%

Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.

Affected configurations

NVD
Node
bluecoatsgosRange4.3.4
OR
bluecoatsgosMatch3.2.6
OR
bluecoatsgosMatch4.1.2.1
OR
bluecoatsgosMatch4.2.1.2
OR
bluecoatsgosMatch4.2.1.6
OR
bluecoatsgosMatch4.2.2
OR
bluecoatsgosMatch4.2.2.1
OR
bluecoatsgosMatch4.2.2.2
OR
bluecoatsgosMatch4.2.3
OR
bluecoatsgosMatch4.2.3.4
OR
bluecoatsgosMatch4.2.3.7
OR
bluecoatsgosMatch4.2.3.12
OR
bluecoatsgosMatch4.2.3.21
OR
bluecoatsgosMatch4.2.3.26
OR
bluecoatsgosMatch4.2.4.1
OR
bluecoatsgosMatch4.2.5
OR
bluecoatsgosMatch4.2.5.1
OR
bluecoatsgosMatch4.2.6
OR
bluecoatsgosMatch4.2.6.1
OR
bluecoatsgosMatch4.2.6.4
OR
bluecoatsgosMatch4.2.7.1
OR
bluecoatsgosMatch5.2.2.4
OR
bluecoatsgosMatch5.4.5
OR
bluecoatsgosMatch5.5.4
OR
bluecoatsgosMatch6.1
AND
bluecoatproxysg
OR
bluecoatproxysg_sg210-10Match--acceleration
OR
bluecoatproxysg_sg210-10Match--full_proxy
OR
bluecoatproxysg_sg210-25Match--acceleration
OR
bluecoatproxysg_sg210-25Match--full_proxy
OR
bluecoatproxysg_sg210-5Match--acceleration
OR
bluecoatproxysg_sg210-5Match--full_proxy
OR
bluecoatproxysg_sg510-10Match--acceleration
OR
bluecoatproxysg_sg510-10Match--full_proxy
OR
bluecoatproxysg_sg510-20Match--acceleration
OR
bluecoatproxysg_sg510-20Match--full_proxy
OR
bluecoatproxysg_sg510-25Match--acceleration
OR
bluecoatproxysg_sg510-25Match--full_proxy
OR
bluecoatproxysg_sg510-5Match--full_proxy
OR
bluecoatproxysg_sg810-10Match--acceleration
OR
bluecoatproxysg_sg810-10Match--full_proxy
OR
bluecoatproxysg_sg810-20Match--acceleration
OR
bluecoatproxysg_sg810-20Match--full_proxy
OR
bluecoatproxysg_sg810-25Match--acceleration
OR
bluecoatproxysg_sg810-25Match--full_proxy
OR
bluecoatproxysg_sg810-5Match--full_proxy
OR
bluecoatproxysg_sg9000-10Match--acceleration
OR
bluecoatproxysg_sg9000-10Match--full_proxy
OR
bluecoatproxysg_sg9000-20Match--acceleration
OR
bluecoatproxysg_sg9000-20Match--full_proxy
OR
bluecoatproxysg_sg9000-5Match--acceleration
OR
bluecoatproxysg_sg9000-5Match--full_proxy

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.1%

Related for CVE-2010-5189