Lucene search
HistoryMay 30, 2015 - 7:59 p.m.
CVE-2015-2852
cve-2015-2852
csrf
vulnerability
webui
blue coat
ssl visibility appliance
sv800
sv1800
sv2800
sv3800
authentication hijack
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.7%
Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators.
Affected configurations
Node
blue_coatssl_visibility_appliance_sv2800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv2800Match-
Node
blue_coatssl_visibility_appliance_sv1800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv1800Match-
Node
blue_coatssl_visibility_appliance_sv3800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv3800Match-
Node
blue_coatssl_visibility_appliance_sv800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv800Match-
Related
prion
prion
Cross site request forgery (csrf)
2015-05-30 19:59:00
cvelist
cvelist
CVE-2015-2852
2015-05-30 19:00:00
nvd
nvd
CVE-2015-2852
2015-05-30 19:59:04
cert
cert
Blue Coat SSL Visibility Appliance contains multiple vulnerabilities
2015-05-29 00:00:00
symantec
symantec
SA96 : SSL Visibility Appliance Web-based Vulnerabilities
2015-05-29 08:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.7%
Related for CVE-2015-2852