Vulnerabilities > CVE-2015-2853 - SSL Visibility Appliances Multiple Security vulnerability in Blue Coat

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
blue-coat

Summary

Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID. <a href="http://cwe.mitre.org/data/definitions/384.html">CWE-384: Session Fixation</a>