Vulnerabilities > Bluecoat > Proxysg Sg210 10

DATE CVE VULNERABILITY TITLE RISK
2012-08-26 CVE-2010-5192 Cross-Site Scripting vulnerability in Bluecoat products
Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
bluecoat CWE-79
4.3
2012-08-26 CVE-2010-5190 Permissions, Privileges, and Access Controls vulnerability in Bluecoat products
The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.
network
low complexity
bluecoat CWE-264
5.0
2012-08-26 CVE-2010-5189 Permissions, Privileges, and Access Controls vulnerability in Bluecoat products
Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.
network
bluecoat CWE-264
critical
9.3
2009-04-01 CVE-2009-1211 Configuration vulnerability in Bluecoat products
Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
network
bluecoat CWE-16
5.8