Lucene search

K
cve[email protected]CVE-2010-5190
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5190

2022-10-0316:21:02
CWE-264
web.nvd.nist.gov
19
cve-2010-5190
active content transformation
blue coat proxysg
sgos
javascript detection
html entities

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

54.9%

The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.

Affected configurations

NVD
Node
bluecoatsgosRange4.3.4
OR
bluecoatsgosMatch3.2.6
OR
bluecoatsgosMatch4.1.2.1
OR
bluecoatsgosMatch4.2.1.2
OR
bluecoatsgosMatch4.2.1.6
OR
bluecoatsgosMatch4.2.2
OR
bluecoatsgosMatch4.2.2.1
OR
bluecoatsgosMatch4.2.2.2
OR
bluecoatsgosMatch4.2.3
OR
bluecoatsgosMatch4.2.3.4
OR
bluecoatsgosMatch4.2.3.7
OR
bluecoatsgosMatch4.2.3.12
OR
bluecoatsgosMatch4.2.3.21
OR
bluecoatsgosMatch4.2.3.26
OR
bluecoatsgosMatch4.2.4.1
OR
bluecoatsgosMatch4.2.5
OR
bluecoatsgosMatch4.2.5.1
OR
bluecoatsgosMatch4.2.6
OR
bluecoatsgosMatch4.2.6.1
OR
bluecoatsgosMatch4.2.6.4
OR
bluecoatsgosMatch4.2.7.1
OR
bluecoatsgosMatch5.2.2.4
OR
bluecoatsgosMatch5.4.5
OR
bluecoatsgosMatch5.5.4
OR
bluecoatsgosMatch6.1.2
AND
bluecoatproxysg
OR
bluecoatproxysg_sg210-10Match--acceleration
OR
bluecoatproxysg_sg210-10Match--full_proxy
OR
bluecoatproxysg_sg210-25Match--acceleration
OR
bluecoatproxysg_sg210-25Match--full_proxy
OR
bluecoatproxysg_sg210-5Match--acceleration
OR
bluecoatproxysg_sg210-5Match--full_proxy
OR
bluecoatproxysg_sg510-10Match--acceleration
OR
bluecoatproxysg_sg510-10Match--full_proxy
OR
bluecoatproxysg_sg510-20Match--acceleration
OR
bluecoatproxysg_sg510-20Match--full_proxy
OR
bluecoatproxysg_sg510-25Match--acceleration
OR
bluecoatproxysg_sg510-25Match--full_proxy
OR
bluecoatproxysg_sg510-5Match--full_proxy
OR
bluecoatproxysg_sg810-10Match--acceleration
OR
bluecoatproxysg_sg810-10Match--full_proxy
OR
bluecoatproxysg_sg810-20Match--acceleration
OR
bluecoatproxysg_sg810-20Match--full_proxy
OR
bluecoatproxysg_sg810-25Match--acceleration
OR
bluecoatproxysg_sg810-25Match--full_proxy
OR
bluecoatproxysg_sg810-5Match--full_proxy
OR
bluecoatproxysg_sg9000-10Match--acceleration
OR
bluecoatproxysg_sg9000-10Match--full_proxy
OR
bluecoatproxysg_sg9000-20Match--acceleration
OR
bluecoatproxysg_sg9000-20Match--full_proxy
OR
bluecoatproxysg_sg9000-5Match--acceleration
OR
bluecoatproxysg_sg9000-5Match--full_proxy

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

54.9%

Related for CVE-2010-5190