Symantec Security Response | SMNTC-1369
Jun 24, 2016 - 8:00 a.m.

SA127 : PacketShaper S-Series Insecure Cryptographic Parameters


EPSS: 0.003 (Low), Percentile: 68.0%

SUMMARY

The HTTPS web UI in PacketShaper S-Series 11.5 may use insecure cryptographic parameters for incoming management connections. A remote attacker who can be a man-in-the-middle, under certain circumstances, may be able to exploit this vulnerability to obtain user authentication credentials. The attacker can then view/modify appliance configuration and view appliance statistics.

AFFECTED PRODUCTS

PacketShaper S-Series

CVE | Affected Version(s) | Remediation
All CVEs | 11.6 and later | Not vulnerable, fixed in 11.6.1.1
All CVEs | 11.5 | Upgrade to 11.5.3.2.
All CVEs | 11.2 - 11.4 | Not vulnerable

ADDITIONAL PRODUCT INFORMATION

The HTTPS server in PacketShaper S-Series provides access to the appliance's web-based Blue Coat Sky UI and Advanced UI. Blue Coat recommends that the PacketShaper S-Series appliance be deployed in a secure network that restricts access to the appliance management network interfaces. Authenticated users who have access to the management interfaces can access the web UI to perform management tasks, such as to modify appliance settings, configure the traffic classification policy, monitor network usage, and generate reports.

This vulnerability can be exploited only through the PacketShaper S-Series management interfaces. If the appliance management network interfaces are not deployed in a secure network, the risk of exploitation increases.

ISSUES

CVE-2016-5774

Severity / CVSSv2 | Medium / 6.9 (AV:A/AC:M/Au:N/C:P/I:P/A:C)
References | SecurityFocus: BID 91455 / NVD: CVE-2016-5774
Impact | Information disclosure, unauthorized modification of data
Description | It was found that the HTTPS server in PacketShaper S-Series 11.5 may use insecure cryptographic parameters for incoming encrypted SSL/TLS connections. A remote attacker who can be a man-in-the-middle, under certain circumstances, may be able to exploit this vulnerability to obtain user authentication credentials and other sensitive information. The attacker can then use the authentication credentials to view or modify the appliance configuration and statistics provided by the web UI and CLI.

ACKNOWLEDGEMENTS

Thanks to Kristen Petra Dorey from Western University for reporting the vulnerability.

REVISION

2016-06-24 initial public release
