Vulnerabilities > Bluecoat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-08 | CVE-2016-6594 | 7PK - Security Features vulnerability in Bluecoat Advanced Secure Gateway, Cacheflow and Proxysg Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning. | 5.0 |
| 2017-04-11 | CVE-2016-10259 | Resource Management Errors vulnerability in Bluecoat products Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. | 4.3 |
| 2017-04-05 | CVE-2016-9091 | OS Command Injection vulnerability in Bluecoat products Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. | 9.0 |
| 2016-01-08 | CVE-2015-8597 | Open Redirection vulnerability in Bluecoat Advanced Secure Gateway and Proxysg Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%." <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a> network bluecoat | 5.8 |
| 2015-12-07 | CVE-2015-8482 | Permissions, Privileges, and Access Controls vulnerability in Bluecoat Unified Agent 4.1.3/4.6.1 Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors. | 2.1 |
| 2015-02-02 | CVE-2015-1454 | Cryptographic Issues vulnerability in Bluecoat Proxyclient and Unified Agent Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate. | 7.1 |
| 2014-04-30 | CVE-2014-2565 | OS Command Injection vulnerability in Bluecoat products The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection." | 6.5 |
| 2014-03-02 | CVE-2014-2033 | Permissions, Privileges, and Access Controls vulnerability in Bluecoat Proxysgos The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials. | 7.9 |
| 2013-09-28 | CVE-2013-5959 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bluecoat Proxysg and Proxysgos Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests. | 7.1 |
| 2012-08-26 | CVE-2011-5127 | Path Traversal vulnerability in Bluecoat Reporter Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | 10.0 |