Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-2941

Malware in sbrugna...

6.8CVSS6.4AI score0.01539EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2942

Malware in sbrugna...

4.3CVSS6.4AI score0.01422EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/24 5:41 a.m.3 views

SSL Visibility Appliance may generate illegal RST packets

Overview SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web...

7.2CVSS6.8AI score0.01453EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/24 12:0 a.m.25 views

JVN#91438377: SSL Visibility Appliance may generate illegal RST packets

SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web server behi...

5.9CVSS5.8AI score0.01453EPSS
Exploits0
CNVD
CNVD
added 2015/06/05 12:0 a.m.3 views

Multiple Blue Coat Systems SSL Visibility Appliance Products Incorrectly Enter Authentication Vulnerabilities

Blue Coat Systems SSL Visibility Appliance SV800 and others are products of Blue Coat Systems, U.S.A. The Blue Coat SSL Visibility Appliance SV800 is a management platform that provides complete visibility into encrypted traffic. The appliance offers features such as a dedicated encrypted traffic...

4.3CVSS7AI score0.01422EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/05 12:0 a.m.2 views

Multiple Blue Coat Systems SSL Visibility Appliance Product Sensitive Information Vulnerabilities

Blue Coat Systems SSL Visibility Appliance SV800 and others are SSL visibility appliances from Blue Coat Systems, USA, which are at the heart of encrypted traffic management, providing visibility into SSL traffic and supporting the addition of SSL inspection capabilities to advanced threat...

4.3CVSS6.6AI score0.01431EPSS
Exploits0References1
NVD
NVD
added 2015/05/30 7:59 p.m.23 views

CVE-2015-2855

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator's cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its...

4.3CVSS6.3AI score0.01451EPSS
Exploits0References3
NVD
NVD
added 2015/05/30 7:59 p.m.17 views

CVE-2015-2854

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via vectors involving an IFRAME element...

4.3CVSS6.5AI score0.01422EPSS
Exploits0References3
NVD
NVD
added 2015/05/30 7:59 p.m.25 views

CVE-2015-2852

Cross-site request forgery CSRF vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators...

4.3CVSS7.1AI score0.00708EPSS
Exploits0References3
Prion
Prion
added 2015/05/30 7:59 p.m.16 views

Design/Logic Flaw

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the administrator's cookie, which makes it easier for remote attackers to obtain potentially sensitive...

4.3CVSS6.6AI score0.01451EPSS
Exploits0References2Affected Software4
Prion
Prion
added 2015/05/30 7:59 p.m.21 views

Session fixation

Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID...

6.8CVSS7.2AI score0.01539EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2015/05/30 7:59 p.m.18 views

Design/Logic Flaw

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator's cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its...

4.3CVSS6.7AI score0.01451EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2015/05/30 7:59 p.m.19 views

Design/Logic Flaw

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via vectors involving an IFRAME element...

4.3CVSS7.1AI score0.01422EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2015/05/30 7:59 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators...

4.3CVSS7.6AI score0.00708EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2015/05/30 7:0 p.m.47 views

CVE-2015-2852

Blue Coat SSL Visibility Appliance WebUI (SV800/SV1800/SV2800/SV3800; 3.6.x–3.8.x before 3.8.4) is affected by CVE-2015-2852, a CSRF flaw that lets an attacker hijack an administrator’s session by inducing a logged-in user to trigger a malicious request. Root cause is CSRF in the WebUI component,...

4.3CVSS7.3AI score0.00708EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/05/30 7:0 p.m.18 views

CVE-2015-2854

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via vectors involving an IFRAME element...

6.5AI score0.01422EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/05/30 7:0 p.m.32 views

CVE-2015-4138

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the administrator's cookie, which makes it easier for remote attackers to obtain potentially sensitive...

5.9AI score0.01431EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/05/30 7:0 p.m.25 views

CVE-2015-2853

Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID...

6.6AI score0.01539EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/05/30 7:0 p.m.19 views

CVE-2015-2852

Cross-site request forgery CSRF vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators...

7.1AI score0.00708EPSS
Exploits0References3
CVE
CVE
added 2015/05/30 7:0 p.m.52 views

CVE-2015-2854

The CVE-2015-2854 entry concerns Blue Coat SSL Visibility Appliance WebUI (SV800, SV1800, SV2800, SV3800) versions 3.6.x–3.8.3. The root cause is improper X-Frame-Options handling in the WebUI, failing to enforce same-origin policy and enabling clickjacking via crafted IFRAMEs. Impact is remote, ...

4.3CVSS6.7AI score0.01422EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder