Search criteria
9 vulnerabilities found for N/A by Bluecoat
CERTFR-2016-AVI-237
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été corrigée dans les produitsBlueCoat. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BlueCoat CacheFlow 3.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "BlueCoat ProxySG 6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "BlueCoat ProxySG 6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"links": [],
"reference": "CERTFR-2016-AVI-237",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-07-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans les produits\u003cspan\nclass=\"textit\"\u003eBlueCoat\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer\nun contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits BlueCoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat SA130 du 14 juillet 2016",
"url": "https://bto.bluecoat.com/security-advisory/sa130"
}
]
}
CERTFR-2015-AVI-553
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Bluecoat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Bluecoat MAA versions 4.2 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Bluecoat ProxySG versions ant\u00e9rieures \u00e0 6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Bluecoat ProxySG versions ant\u00e9rieures \u00e0 6.5.8.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4800"
},
{
"name": "CVE-2015-4862",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4862"
},
{
"name": "CVE-2015-4836",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4836"
},
{
"name": "CVE-2015-4905",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4905"
},
{
"name": "CVE-2015-4792",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4792"
},
{
"name": "CVE-2015-4864",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4864"
},
{
"name": "CVE-2015-4833",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4833"
},
{
"name": "CVE-2015-4866",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4866"
},
{
"name": "CVE-2015-4826",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4826"
},
{
"name": "CVE-2015-4858",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4858"
},
{
"name": "CVE-2015-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4802"
},
{
"name": "CVE-2015-4861",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4861"
},
{
"name": "CVE-2015-4730",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4730"
},
{
"name": "CVE-2015-4895",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4895"
},
{
"name": "CVE-2015-4870",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4870"
},
{
"name": "CVE-2015-4910",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4910"
},
{
"name": "CVE-2015-4830",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4830"
},
{
"name": "CVE-2015-4879",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4879"
},
{
"name": "CVE-2015-4815",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4815"
},
{
"name": "CVE-2015-4890",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4890"
},
{
"name": "CVE-2015-4791",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4791"
},
{
"name": "CVE-2015-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4807"
},
{
"name": "CVE-2015-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4904"
},
{
"name": "CVE-2015-4766",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4766"
},
{
"name": "CVE-2015-4816",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4816"
},
{
"name": "CVE-2015-4819",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4819"
},
{
"name": "CVE-2015-4913",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4913"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-553",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-12-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eBluecoat\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Bluecoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Bluecoat SA106 du 17 d\u00e9cembre 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa106"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Bluecoat SA107 du 17 d\u00e9cembre 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa107"
}
]
}
CERTFR-2015-AVI-317
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits BlueCoat. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Blue Coat HSM Agent pour SafeNet Luna SP",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Management Center",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "X-Series XOS",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "IntelligenceCenter",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Director",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Content Analysis System",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-0075",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0075"
},
{
"name": "CVE-2014-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0050"
},
{
"name": "CVE-2014-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0119"
},
{
"name": "CVE-2014-0227",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0227"
},
{
"name": "CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"name": "CVE-2014-0099",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0099"
},
{
"name": "CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"name": "CVE-2014-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0095"
},
{
"name": "CVE-2014-0033",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0033"
},
{
"name": "CVE-2014-0096",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0096"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-317",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-07-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eBlueCoat\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un contournement de la politique de s\u00e9curit\u00e9, une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits BlueCoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat SA100 du 23 juillet 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa100"
}
]
}
CERTFR-2015-AVI-259
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits BlueCoat. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Bluecoat | N/A | PacketShaper S-Series 11.2, 11.3, et 11.4 | ||
| Bluecoat | N/A | OPIC | ||
| Bluecoat | N/A | SSLV 3.7 et 3.8 versions antérieures à 3.8.2-418 et 3.8.3-120 | ||
| Bluecoat | N/A | NSP 5.2 et 5.3 | ||
| Bluecoat | N/A | Android Mobile Agent 1.x | ||
| Bluecoat | N/A | SA 6.6, 7.0, et 7.1 | ||
| Bluecoat | N/A | ProxyClient 3.4 | ||
| Bluecoat | N/A | PacketShaper 9.2 | ||
| Bluecoat | N/A | Client Connector | ||
| Bluecoat | N/A | IntelligenceCenter 3.2 et 3.3 | ||
| Bluecoat | N/A | ProxyAV 3.4 et 3.5 | ||
| Bluecoat | N/A | SGOS 6.2 versions antérieures à 6.2.16.4, 6.5 versions antérieures à 6.5.7.5, et 6.6 | ||
| Bluecoat | N/A | Reporter (Virtualized Reporter) 9.4 | ||
| Bluecoat | N/A | NNP 5.2 et 5.3 | ||
| Bluecoat | N/A | CAS 1.1 versions antérieures à 1.1.5.6 et 1.2 versions antérieures 1.2.4.4 | ||
| Bluecoat | N/A | BCAAA 5.5 et 6.1 | ||
| Bluecoat | N/A | CacheFlow 2.x et 3.x | ||
| Bluecoat | N/A | MAA 4.1 et 4.2 | ||
| Bluecoat | N/A | MAG2 | ||
| Bluecoat | N/A | ICSP 5.3 | ||
| Bluecoat | N/A | Director 6.1 versions antérieures 6.1.19.1 | ||
| Bluecoat | N/A | PolicyCenter 9.2 | ||
| Bluecoat | N/A | Management Center versions antérieures 1.3.3.2 | ||
| Bluecoat | N/A | Unified Agent 4.1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PacketShaper S-Series 11.2, 11.3, et 11.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "OPIC",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "SSLV 3.7 et 3.8 versions ant\u00e9rieures \u00e0 3.8.2-418 et 3.8.3-120",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "NSP 5.2 et 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Android Mobile Agent 1.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "SA 6.6, 7.0, et 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "ProxyClient 3.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "PacketShaper 9.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Client Connector",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "IntelligenceCenter 3.2 et 3.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "ProxyAV 3.4 et 3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "SGOS 6.2 versions ant\u00e9rieures \u00e0 6.2.16.4, 6.5 versions ant\u00e9rieures \u00e0 6.5.7.5, et 6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Reporter (Virtualized Reporter) 9.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "NNP 5.2 et 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "CAS 1.1 versions ant\u00e9rieures \u00e0 1.1.5.6 et 1.2 versions ant\u00e9rieures 1.2.4.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "BCAAA 5.5 et 6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "CacheFlow 2.x et 3.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "MAA 4.1 et 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "MAG2",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "ICSP 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Director 6.1 versions ant\u00e9rieures 6.1.19.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "PolicyCenter 9.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Management Center versions ant\u00e9rieures 1.3.3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Unified Agent 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-0208",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0208"
},
{
"name": "CVE-2015-0292",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0292"
},
{
"name": "CVE-2015-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0286"
},
{
"name": "CVE-2015-0288",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0288"
},
{
"name": "CVE-2015-0290",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0290"
},
{
"name": "CVE-2015-0207",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0207"
},
{
"name": "CVE-2015-0285",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0285"
},
{
"name": "CVE-2015-0293",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0293"
},
{
"name": "CVE-2015-0287",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0287"
},
{
"name": "CVE-2015-1787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1787"
},
{
"name": "CVE-2015-0209",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0209"
},
{
"name": "CVE-2015-0291",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0291"
},
{
"name": "CVE-2015-0289",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0289"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-259",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-06-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eBlueCoat\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits BlueCoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat SA92 du 16 juin 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa92"
}
]
}
CERTFR-2015-AVI-181
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans BlueCoat Malware Analysis Appliance (MAA). Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BlueCoat Malware Analysis Appliance versions ant\u00e9rieures \u00e0 4.2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "BlueCoat Malware Analyzer G2 versions 3.5 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-0937",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0937"
},
{
"name": "CVE-2015-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0938"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-181",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-04-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eBlueCoat Malware Analysis Appliance (MAA)\u003c/span\u003e. Elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans BlueCoat Malware Analysis Appliance (MAA)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat SA94 du 16 avril 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa94"
}
]
}
CERTFR-2015-AVI-038
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été corrigée dans les produits BlueCoat. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Unified Agent versions ant\u00e9rieures \u00e0 4.1.3.151952",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "ProxyClient versions ant\u00e9rieures \u00e0 3.4.4.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "ProxyClient versions ant\u00e9rieures \u00e0 3.3.3.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"links": [],
"reference": "CERTFR-2015-AVI-038",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-01-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans les produits \u003cspan\nclass=\"textit\"\u003eBlueCoat\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer\nun contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits BlueCoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat sa89 du 23 janvier 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa89"
}
]
}
CERTFR-2015-AVI-024
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits BlueCoat. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Bluecoat | N/A | ProxyAV version 3.5 et antérieures | ||
| Bluecoat | N/A | NNP 5.x | ||
| Bluecoat | N/A | XOS version 10.0 et postérieures | ||
| Bluecoat | N/A | ICSP 5.x | ||
| Bluecoat | N/A | Security Analytics 6.6.9 et 7.1.5 | ||
| Bluecoat | N/A | MAA 4.1.x | ||
| Bluecoat | N/A | SSLV version 3.8.x et antérieures | ||
| Bluecoat | N/A | MAG2 | ||
| Bluecoat | N/A | NSP 5.x | ||
| Bluecoat | N/A | Director 6.x | ||
| Bluecoat | N/A | Management Center 1.x version antérieures à 1.2 | ||
| Bluecoat | N/A | SGOS 6.x |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ProxyAV version 3.5 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "NNP 5.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "XOS version 10.0 et post\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "ICSP 5.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Security Analytics 6.6.9 et 7.1.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "MAA 4.1.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "SSLV version 3.8.x et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "MAG2",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "NSP 5.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Director 6.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Management Center 1.x version ant\u00e9rieures \u00e0 1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "SGOS 6.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3567"
},
{
"name": "CVE-2014-3513",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3513"
},
{
"name": "CVE-2014-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3568"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-024",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-01-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eBlueCoat\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits BlueCoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat SA87 du 14 janvier 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa87"
}
]
}
CERTA-2012-AVI-729
Vulnerability from certfr_avis - Published: - Updated:
Deux vulnérabilités ont été corrigées dans Bluecoat. Elles concernent un débordement de tampon en mémoire dans le module OpenSSL et peut être provoqué par un message DER spécialement conçu.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Bluecoat ProxySG",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Bluecoat IntelligenceCenter",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-2110",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
},
{
"name": "CVE-2012-2131",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2131"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SA70 du 04 d\u00e9cembre 2012 :",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA70"
}
],
"reference": "CERTA-2012-AVI-729",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-12-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eBluecoat\u003c/span\u003e. Elles concernent un d\u00e9bordement de\ntampon en m\u00e9moire dans le module \u003cspan class=\"textit\"\u003eOpenSSL\u003c/span\u003e et\npeut \u00eatre provoqu\u00e9 par un message DER sp\u00e9cialement con\u00e7u.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Bluecoat IntelligenceCenter et ProxySG",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Bluecoat SA70 du 04 d\u00e9cembre 2012",
"url": null
}
]
}
CERTA-2011-AVI-052
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans les produits BlueCoat permet à un attaquant de contourner la politique de sécurité et d'intercepter des données.
Description
L'implémentation de SSL dans les produits BlueCoat inclut une version vulnérable de OpenSSL. Un attaquant peut tenter de baisser le niveau de chiffrement et d'intercepter des données sensibles comme les identifiants de session.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BlueCoat ProxySG versions ant\u00e9rieures \u00e0 6.1.2.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "BlueCoat CacheFlow versions ant\u00e9rieures \u00e0 2.1.4.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nL\u0027impl\u00e9mentation de SSL dans les produits BlueCoat inclut une version\nvuln\u00e9rable de OpenSSL. Un attaquant peut tenter de baisser le niveau de\nchiffrement et d\u0027intercepter des donn\u00e9es sensibles comme les\nidentifiants de session.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-4180",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4180"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Blue Coat SA53 du 31 janvier 2011 : https://kb.bluecoat.com/index?page=content\u0026id=SA53",
"url": "http://kb.bluecoat.com/index?page=content\u0026id=SA53"
}
],
"reference": "CERTA-2011-AVI-052",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-02-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans les produits BlueCoat permet \u00e0 un attaquant de\ncontourner la politique de s\u00e9curit\u00e9 et d\u0027intercepter des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits BlueCoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat SA53 du 31 janvier 2011",
"url": null
}
]
}