Lucene search
HistoryMay 30, 2015 - 7:59 p.m.
CVE-2015-2853
cve-2015-2853
session fixation
webui
blue coat
ssl visibility
appliance
sv800
sv1800
sv2800
sv3800
remote attackers
hijack
web sessions
session id
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.7%
Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID.
Affected configurations
Node
blue_coatssl_visibility_appliance_sv3800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv3800Match-
Node
blue_coatssl_visibility_appliance_sv2800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv2800Match-
Node
blue_coatssl_visibility_appliance_sv1800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv1800Match-
Node
blue_coatssl_visibility_appliance_sv800_firmwareRange≤3.8.3
blue_coatssl_visibility_appliance_sv800Match-
Related
nvd
nvd
CVE-2015-2853
2015-05-30 19:59:06
prion
prion
Session fixation
2015-05-30 19:59:00
cvelist
cvelist
CVE-2015-2853
2015-05-30 19:00:00
cert
cert
Blue Coat SSL Visibility Appliance contains multiple vulnerabilities
2015-05-29 00:00:00
symantec
symantec
SA96 : SSL Visibility Appliance Web-based Vulnerabilities
2015-05-29 08:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.7%
Related for CVE-2015-2853