Lucene search

K
cve[email protected]CVE-2010-5190
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5190

2022-10-0316:21:02
CWE-264
web.nvd.nist.gov
19
cve-2010-5190
active content transformation
blue coat proxysg
sgos
javascript detection
html entities

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.

Affected configurations

NVD
Node
bluecoatsgosRange4.3.4
OR
bluecoatsgosMatch3.2.6
OR
bluecoatsgosMatch4.1.2.1
OR
bluecoatsgosMatch4.2.1.2
OR
bluecoatsgosMatch4.2.1.6
OR
bluecoatsgosMatch4.2.2
OR
bluecoatsgosMatch4.2.2.1
OR
bluecoatsgosMatch4.2.2.2
OR
bluecoatsgosMatch4.2.3
OR
bluecoatsgosMatch4.2.3.4
OR
bluecoatsgosMatch4.2.3.7
OR
bluecoatsgosMatch4.2.3.12
OR
bluecoatsgosMatch4.2.3.21
OR
bluecoatsgosMatch4.2.3.26
OR
bluecoatsgosMatch4.2.4.1
OR
bluecoatsgosMatch4.2.5
OR
bluecoatsgosMatch4.2.5.1
OR
bluecoatsgosMatch4.2.6
OR
bluecoatsgosMatch4.2.6.1
OR
bluecoatsgosMatch4.2.6.4
OR
bluecoatsgosMatch4.2.7.1
OR
bluecoatsgosMatch5.2.2.4
OR
bluecoatsgosMatch5.4.5
OR
bluecoatsgosMatch5.5.4
OR
bluecoatsgosMatch6.1.2
AND
bluecoatproxysg
OR
bluecoatproxysg_sg210-10Match--acceleration
OR
bluecoatproxysg_sg210-10Match--full_proxy
OR
bluecoatproxysg_sg210-25Match--acceleration
OR
bluecoatproxysg_sg210-25Match--full_proxy
OR
bluecoatproxysg_sg210-5Match--acceleration
OR
bluecoatproxysg_sg210-5Match--full_proxy
OR
bluecoatproxysg_sg510-10Match--acceleration
OR
bluecoatproxysg_sg510-10Match--full_proxy
OR
bluecoatproxysg_sg510-20Match--acceleration
OR
bluecoatproxysg_sg510-20Match--full_proxy
OR
bluecoatproxysg_sg510-25Match--acceleration
OR
bluecoatproxysg_sg510-25Match--full_proxy
OR
bluecoatproxysg_sg510-5Match--full_proxy
OR
bluecoatproxysg_sg810-10Match--acceleration
OR
bluecoatproxysg_sg810-10Match--full_proxy
OR
bluecoatproxysg_sg810-20Match--acceleration
OR
bluecoatproxysg_sg810-20Match--full_proxy
OR
bluecoatproxysg_sg810-25Match--acceleration
OR
bluecoatproxysg_sg810-25Match--full_proxy
OR
bluecoatproxysg_sg810-5Match--full_proxy
OR
bluecoatproxysg_sg9000-10Match--acceleration
OR
bluecoatproxysg_sg9000-10Match--full_proxy
OR
bluecoatproxysg_sg9000-20Match--acceleration
OR
bluecoatproxysg_sg9000-20Match--full_proxy
OR
bluecoatproxysg_sg9000-5Match--acceleration
OR
bluecoatproxysg_sg9000-5Match--full_proxy

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

Related for CVE-2010-5190