Vulnerabilites related to bluecoat - proxysg_sg510-5
cve-2009-1211
Vulnerability from cvelistv5
Published
2009-04-01 10:00
Modified
2024-09-17 04:09
Severity ?
Summary
Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T05:04:49.248Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments",
               },
               {
                  name: "1021781",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1021781",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2009-04-01T10:00:00Z",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments",
            },
            {
               name: "1021781",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1021781",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2009-1211",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments",
                     refsource: "CONFIRM",
                     url: "https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments",
                  },
                  {
                     name: "1021781",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1021781",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2009-1211",
      datePublished: "2009-04-01T10:00:00Z",
      dateReserved: "2009-03-31T00:00:00Z",
      dateUpdated: "2024-09-17T04:09:14.663Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2010-5192
Vulnerability from cvelistv5
Published
2012-08-26 19:00
Modified
2024-08-07 04:09
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
http://www.vupen.com/english/advisories/2010/2562vdb-entry, x_refsource_VUPEN
https://kb.bluecoat.com/index?page=content&id=SA47x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/62240vdb-entry, x_refsource_XF
http://www.osvdb.org/68322vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/bid/43675vdb-entry, x_refsource_BID
http://securitytracker.com/id?1024503vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/41695third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T04:09:39.307Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "ADV-2010-2562",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/2562",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.bluecoat.com/index?page=content&id=SA47",
               },
               {
                  name: "bluecoat-proxysg-userinterface-xss(62240)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/62240",
               },
               {
                  name: "68322",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/68322",
               },
               {
                  name: "43675",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/43675",
               },
               {
                  name: "1024503",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1024503",
               },
               {
                  name: "41695",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/41695",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2010-10-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-08-28T12:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "ADV-2010-2562",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/2562",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.bluecoat.com/index?page=content&id=SA47",
            },
            {
               name: "bluecoat-proxysg-userinterface-xss(62240)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/62240",
            },
            {
               name: "68322",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/68322",
            },
            {
               name: "43675",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/43675",
            },
            {
               name: "1024503",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1024503",
            },
            {
               name: "41695",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/41695",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2010-5192",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "ADV-2010-2562",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2010/2562",
                  },
                  {
                     name: "https://kb.bluecoat.com/index?page=content&id=SA47",
                     refsource: "CONFIRM",
                     url: "https://kb.bluecoat.com/index?page=content&id=SA47",
                  },
                  {
                     name: "bluecoat-proxysg-userinterface-xss(62240)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/62240",
                  },
                  {
                     name: "68322",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/68322",
                  },
                  {
                     name: "43675",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/43675",
                  },
                  {
                     name: "1024503",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1024503",
                  },
                  {
                     name: "41695",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/41695",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2010-5192",
      datePublished: "2012-08-26T19:00:00",
      dateReserved: "2012-08-26T00:00:00",
      dateUpdated: "2024-08-07T04:09:39.307Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2010-5190
Vulnerability from cvelistv5
Published
2012-08-26 19:00
Modified
2024-09-16 22:41
Severity ?
Summary
The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T04:09:39.310Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.bluecoat.com/index?page=content&id=SA48",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2012-08-26T19:00:00Z",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.bluecoat.com/index?page=content&id=SA48",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2010-5190",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.bluecoat.com/index?page=content&id=SA48",
                     refsource: "CONFIRM",
                     url: "https://kb.bluecoat.com/index?page=content&id=SA48",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2010-5190",
      datePublished: "2012-08-26T19:00:00Z",
      dateReserved: "2012-08-26T00:00:00Z",
      dateUpdated: "2024-09-16T22:41:25.454Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2010-5189
Vulnerability from cvelistv5
Published
2012-08-26 19:00
Modified
2024-09-17 03:07
Severity ?
Summary
Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T04:09:39.304Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.bluecoat.com/index?page=content&id=SA45",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2012-08-26T19:00:00Z",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.bluecoat.com/index?page=content&id=SA45",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2010-5189",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.bluecoat.com/index?page=content&id=SA45",
                     refsource: "CONFIRM",
                     url: "https://kb.bluecoat.com/index?page=content&id=SA45",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2010-5189",
      datePublished: "2012-08-26T19:00:00Z",
      dateReserved: "2012-08-26T00:00:00Z",
      dateUpdated: "2024-09-17T03:07:04.023Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2009-04-01 10:30
Modified
2024-11-21 01:01
Severity ?
Summary
Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:bluecoat:proxysg_va-10:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "52A8FDA3-E3E4-407D-9FB3-091A59EA50D4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:bluecoat:proxysg_va-15:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "124C54BF-B511-47FF-96A4-7B2DCDDDA2FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:bluecoat:proxysg_va-20:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A95C5F84-3FDE-441A-9DF3-CAAEFBFF9A24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:bluecoat:proxysg_va-5:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8C59FA09-5E58-4741-B591-FA71C5E95AC7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "9E11536F-7CFA-41C8-9826-945B6D3606A9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "C162E145-9C08-4763-A5E4-0D383B18380A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "3E2D3EE0-8C28-4338-BB55-3942868AEBD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "2A8518E8-575C-42E4-844E-479448E0358A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "650EF456-4DF5-42B4-BEC5-76F351461DAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "41104737-2E55-47DE-B29F-F88B07956601",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "64AC1648-94E7-4C2F-8D28-906DD3C9E9C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "B3ABD5B1-3CD8-4361-9933-A99C5BCAEC53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A63F6BE1-3705-41F8-83F2-14262C1A8513",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "33C50C6D-42FD-47E2-811D-69673144601B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "6F61A3FE-A7A2-42B8-BE15-A5904F68C2EB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "053096B7-C691-430B-8EAF-FF8DF0ED3626",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3CC9C212-03B8-4D1D-8E66-1CAE9066D3A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "844E3782-018D-4CBB-B4E1-B60D713851D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3711A175-0F97-4B8D-991B-EE05C6927D35",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "25BA7C9D-3E26-4F1B-9C8A-DF864D3F8F91",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DFC4B7BB-804A-4628-9829-369A37BB7C33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "147F05C5-8148-4448-9A27-6A8093E4D501",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DB590391-1E89-4585-95B7-C77C3FA127C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "066A03FA-CEDF-4C8A-A445-521C9E6E954E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "E9858A0D-3368-407A-8438-14EB8BA0F096",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "EAF352C1-3CA1-4CE4-9067-9819BA327F6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A3EB21AA-B393-42F6-8945-E8EF1EF81C1C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A2A29D44-8A16-4F5A-9907-85D1F0EC13CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "2EDF8810-4C81-49E8-B4AA-2B87B5D6C953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A5259AF1-EBB5-4083-BF78-2DB7C075E298",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.",
      },
      {
         lang: "es",
         value: "Blue Coat ProxySG, cuando el modo de interceptación transparente está activado, usa la cabecera HTTP Host para determinar el \"endpoint\" (punto de finalización) remoto, lo que permite a atacantes remotos evitar los controles de acceso por Flash, Java, Silverlight y probablemente otras tecnologías, y posiblemente comunicarse con sitios de la intranet restringidos, a través de una página web manipulada que provoca que el cliente envíe peticiones HTTP con una cabecera Host modificada.",
      },
   ],
   id: "CVE-2009-1211",
   lastModified: "2024-11-21T01:01:55.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
   },
   published: "2009-04-01T10:30:00.407",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://www.securitytracker.com/id?1021781",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1021781",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-16",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2012-08-26 19:55
Modified
2024-11-21 01:22
Severity ?
Summary
Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB7D946-27DD-481F-A1F7-BE9033289A87",
                     versionEndIncluding: "4.3.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:3.2.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "4001EB20-16A9-4422-9289-32DE8C4D430B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.1.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "84A2D437-2963-41DD-A78C-5E2D0DF34839",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02483E00-B6C5-4E76-A70F-D4CECEBAD244",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.1.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "E73538F5-EDE1-4284-8392-D54AFB4A5C10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EB5289F-1426-49F0-AB56-C989CE927ED9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "07209888-671C-4066-B273-356C66E67FE3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B08C7966-7D0C-4FE1-9EAA-CAEC0E009ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "B82C387E-3C10-45F5-B2C9-7D42047713DF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "150AC531-E9CD-47C1-A7D8-0828FE5C38A8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "92820ABA-8B10-430D-A679-6065221D1924",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.12:*:*:*:*:*:*:*",
                     matchCriteriaId: "951FB4B7-7357-423E-AE25-F3672893225E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.21:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7EEE283-7AF2-459C-8D39-0B0BFBA87B55",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.26:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAAEB8A-9409-46B9-ABAC-CB9898C0EF86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "14D59E6E-063B-4AB9-AE81-A53D907B6680",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "C534E59B-7259-4F53-99DF-0B754ECAEA30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.5.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BABE70A-CD55-4124-A5D3-B779B92BA6CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "155ECB82-3ECA-451B-925A-74AEE73E0C21",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A90DE11-0F9B-474E-9A58-F1C4C042FD5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDF5C19B-2C2D-417B-B53E-B0E581A8EA7D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.7.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F0207F6-982D-430A-8146-790564828F3B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.2.2.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "874038D8-CB9F-436D-8DD1-821273FB79E9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.4.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "29912AF6-1203-4A93-B134-2320BD52FEE1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.5.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F82B502B-48C9-44DB-9350-E5F6170B9E8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6F05601-A486-4A13-AF68-620AC0CF8422",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "9E11536F-7CFA-41C8-9826-945B6D3606A9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "C162E145-9C08-4763-A5E4-0D383B18380A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "3E2D3EE0-8C28-4338-BB55-3942868AEBD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "2A8518E8-575C-42E4-844E-479448E0358A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "650EF456-4DF5-42B4-BEC5-76F351461DAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "41104737-2E55-47DE-B29F-F88B07956601",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "64AC1648-94E7-4C2F-8D28-906DD3C9E9C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "B3ABD5B1-3CD8-4361-9933-A99C5BCAEC53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A63F6BE1-3705-41F8-83F2-14262C1A8513",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "33C50C6D-42FD-47E2-811D-69673144601B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "6F61A3FE-A7A2-42B8-BE15-A5904F68C2EB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "053096B7-C691-430B-8EAF-FF8DF0ED3626",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3CC9C212-03B8-4D1D-8E66-1CAE9066D3A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "844E3782-018D-4CBB-B4E1-B60D713851D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3711A175-0F97-4B8D-991B-EE05C6927D35",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "25BA7C9D-3E26-4F1B-9C8A-DF864D3F8F91",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DFC4B7BB-804A-4628-9829-369A37BB7C33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "147F05C5-8148-4448-9A27-6A8093E4D501",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DB590391-1E89-4585-95B7-C77C3FA127C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "066A03FA-CEDF-4C8A-A445-521C9E6E954E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "E9858A0D-3368-407A-8438-14EB8BA0F096",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "EAF352C1-3CA1-4CE4-9067-9819BA327F6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A3EB21AA-B393-42F6-8945-E8EF1EF81C1C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A2A29D44-8A16-4F5A-9907-85D1F0EC13CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "2EDF8810-4C81-49E8-B4AA-2B87B5D6C953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A5259AF1-EBB5-4083-BF78-2DB7C075E298",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.",
      },
      {
         lang: "es",
         value: "Blue Coat ProxySG before SGOS v4.3.4.1, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.1.1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios CLI mediante el aprovechamiento de los privilegios de administrador de solo lectura y el establecimiento de una sesión HTTPS.",
      },
   ],
   id: "CVE-2010-5189",
   lastModified: "2024-11-21T01:22:41.320",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2012-08-26T19:55:01.293",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.bluecoat.com/index?page=content&id=SA45",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.bluecoat.com/index?page=content&id=SA45",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-264",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2012-08-26 19:55
Modified
2024-11-21 01:22
Severity ?
Summary
The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB7D946-27DD-481F-A1F7-BE9033289A87",
                     versionEndIncluding: "4.3.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:3.2.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "4001EB20-16A9-4422-9289-32DE8C4D430B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.1.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "84A2D437-2963-41DD-A78C-5E2D0DF34839",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02483E00-B6C5-4E76-A70F-D4CECEBAD244",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.1.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "E73538F5-EDE1-4284-8392-D54AFB4A5C10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EB5289F-1426-49F0-AB56-C989CE927ED9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "07209888-671C-4066-B273-356C66E67FE3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B08C7966-7D0C-4FE1-9EAA-CAEC0E009ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "B82C387E-3C10-45F5-B2C9-7D42047713DF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "150AC531-E9CD-47C1-A7D8-0828FE5C38A8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "92820ABA-8B10-430D-A679-6065221D1924",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.12:*:*:*:*:*:*:*",
                     matchCriteriaId: "951FB4B7-7357-423E-AE25-F3672893225E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.21:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7EEE283-7AF2-459C-8D39-0B0BFBA87B55",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.26:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAAEB8A-9409-46B9-ABAC-CB9898C0EF86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "14D59E6E-063B-4AB9-AE81-A53D907B6680",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "C534E59B-7259-4F53-99DF-0B754ECAEA30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.5.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BABE70A-CD55-4124-A5D3-B779B92BA6CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "155ECB82-3ECA-451B-925A-74AEE73E0C21",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A90DE11-0F9B-474E-9A58-F1C4C042FD5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDF5C19B-2C2D-417B-B53E-B0E581A8EA7D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.7.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F0207F6-982D-430A-8146-790564828F3B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.2.2.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "874038D8-CB9F-436D-8DD1-821273FB79E9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.4.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "29912AF6-1203-4A93-B134-2320BD52FEE1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.5.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F82B502B-48C9-44DB-9350-E5F6170B9E8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:6.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B206C686-E41D-4E73-80B2-99467AEC8721",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "9E11536F-7CFA-41C8-9826-945B6D3606A9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "C162E145-9C08-4763-A5E4-0D383B18380A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "3E2D3EE0-8C28-4338-BB55-3942868AEBD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "2A8518E8-575C-42E4-844E-479448E0358A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "650EF456-4DF5-42B4-BEC5-76F351461DAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "41104737-2E55-47DE-B29F-F88B07956601",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "64AC1648-94E7-4C2F-8D28-906DD3C9E9C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "B3ABD5B1-3CD8-4361-9933-A99C5BCAEC53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A63F6BE1-3705-41F8-83F2-14262C1A8513",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "33C50C6D-42FD-47E2-811D-69673144601B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "6F61A3FE-A7A2-42B8-BE15-A5904F68C2EB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "053096B7-C691-430B-8EAF-FF8DF0ED3626",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3CC9C212-03B8-4D1D-8E66-1CAE9066D3A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "844E3782-018D-4CBB-B4E1-B60D713851D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3711A175-0F97-4B8D-991B-EE05C6927D35",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "25BA7C9D-3E26-4F1B-9C8A-DF864D3F8F91",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DFC4B7BB-804A-4628-9829-369A37BB7C33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "147F05C5-8148-4448-9A27-6A8093E4D501",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DB590391-1E89-4585-95B7-C77C3FA127C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "066A03FA-CEDF-4C8A-A445-521C9E6E954E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "E9858A0D-3368-407A-8438-14EB8BA0F096",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "EAF352C1-3CA1-4CE4-9067-9819BA327F6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A3EB21AA-B393-42F6-8945-E8EF1EF81C1C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A2A29D44-8A16-4F5A-9907-85D1F0EC13CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "2EDF8810-4C81-49E8-B4AA-2B87B5D6C953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A5259AF1-EBB5-4083-BF78-2DB7C075E298",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.",
      },
      {
         lang: "es",
         value: "La funcionalidad Active Content Transformation en Blue Coat ProxySG anterior a SGOS v4.3.4.2, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a SGOS v6.1.2.1 permite a atacantes remotos saltarse la detección JavaScript a través de entidades HTML.",
      },
   ],
   id: "CVE-2010-5190",
   lastModified: "2024-11-21T01:22:41.503",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2012-08-26T19:55:01.323",
   references: [
      {
         source: "cve@mitre.org",
         url: "https://kb.bluecoat.com/index?page=content&id=SA48",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://kb.bluecoat.com/index?page=content&id=SA48",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-264",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2012-08-26 19:55
Modified
2024-11-21 01:22
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB7D946-27DD-481F-A1F7-BE9033289A87",
                     versionEndIncluding: "4.3.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:3.2.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "4001EB20-16A9-4422-9289-32DE8C4D430B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.1.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "84A2D437-2963-41DD-A78C-5E2D0DF34839",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02483E00-B6C5-4E76-A70F-D4CECEBAD244",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.1.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "E73538F5-EDE1-4284-8392-D54AFB4A5C10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EB5289F-1426-49F0-AB56-C989CE927ED9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "07209888-671C-4066-B273-356C66E67FE3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B08C7966-7D0C-4FE1-9EAA-CAEC0E009ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "B82C387E-3C10-45F5-B2C9-7D42047713DF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "150AC531-E9CD-47C1-A7D8-0828FE5C38A8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "92820ABA-8B10-430D-A679-6065221D1924",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.12:*:*:*:*:*:*:*",
                     matchCriteriaId: "951FB4B7-7357-423E-AE25-F3672893225E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.21:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7EEE283-7AF2-459C-8D39-0B0BFBA87B55",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.3.26:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAAEB8A-9409-46B9-ABAC-CB9898C0EF86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "14D59E6E-063B-4AB9-AE81-A53D907B6680",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "C534E59B-7259-4F53-99DF-0B754ECAEA30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.5.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BABE70A-CD55-4124-A5D3-B779B92BA6CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "155ECB82-3ECA-451B-925A-74AEE73E0C21",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A90DE11-0F9B-474E-9A58-F1C4C042FD5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDF5C19B-2C2D-417B-B53E-B0E581A8EA7D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:4.2.7.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F0207F6-982D-430A-8146-790564828F3B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.2.2.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "874038D8-CB9F-436D-8DD1-821273FB79E9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.4.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "29912AF6-1203-4A93-B134-2320BD52FEE1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:5.5.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F82B502B-48C9-44DB-9350-E5F6170B9E8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:bluecoat:sgos:6.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B206C686-E41D-4E73-80B2-99467AEC8721",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "9E11536F-7CFA-41C8-9826-945B6D3606A9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "C162E145-9C08-4763-A5E4-0D383B18380A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "3E2D3EE0-8C28-4338-BB55-3942868AEBD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "2A8518E8-575C-42E4-844E-479448E0358A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "650EF456-4DF5-42B4-BEC5-76F351461DAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "41104737-2E55-47DE-B29F-F88B07956601",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "64AC1648-94E7-4C2F-8D28-906DD3C9E9C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "B3ABD5B1-3CD8-4361-9933-A99C5BCAEC53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A63F6BE1-3705-41F8-83F2-14262C1A8513",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "33C50C6D-42FD-47E2-811D-69673144601B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "6F61A3FE-A7A2-42B8-BE15-A5904F68C2EB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "053096B7-C691-430B-8EAF-FF8DF0ED3626",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg510-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3CC9C212-03B8-4D1D-8E66-1CAE9066D3A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "844E3782-018D-4CBB-B4E1-B60D713851D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "3711A175-0F97-4B8D-991B-EE05C6927D35",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "25BA7C9D-3E26-4F1B-9C8A-DF864D3F8F91",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DFC4B7BB-804A-4628-9829-369A37BB7C33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "147F05C5-8148-4448-9A27-6A8093E4D501",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "DB590391-1E89-4585-95B7-C77C3FA127C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg810-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "066A03FA-CEDF-4C8A-A445-521C9E6E954E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "E9858A0D-3368-407A-8438-14EB8BA0F096",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "EAF352C1-3CA1-4CE4-9067-9819BA327F6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "A3EB21AA-B393-42F6-8945-E8EF1EF81C1C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A2A29D44-8A16-4F5A-9907-85D1F0EC13CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:acceleration:*:*:*:*:*",
                     matchCriteriaId: "2EDF8810-4C81-49E8-B4AA-2B87B5D6C953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:full_proxy:*:*:*:*:*",
                     matchCriteriaId: "A5259AF1-EBB5-4083-BF78-2DB7C075E298",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
      },
      {
         lang: "es",
         value: "Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Java Management Console en Blue Coat ProxySG anterior a SGOS v4.3.4.1, v5.x anterior a SGOS v5.4.5.1, v5.5 anterior a SGOS v5.5.4.1, y v6.x anterior a  SGOS v6.1.1.1 permite a atacantes remotos inyectar código web o HTML arbitrario a través de vectores no especificados.",
      },
   ],
   id: "CVE-2010-5192",
   lastModified: "2024-11-21T01:22:41.857",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
   },
   published: "2012-08-26T19:55:01.747",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/41695",
      },
      {
         source: "cve@mitre.org",
         url: "http://securitytracker.com/id?1024503",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.osvdb.org/68322",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/43675",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2010/2562",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/62240",
      },
      {
         source: "cve@mitre.org",
         url: "https://kb.bluecoat.com/index?page=content&id=SA47",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/41695",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1024503",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.osvdb.org/68322",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/43675",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2010/2562",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/62240",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://kb.bluecoat.com/index?page=content&id=SA47",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}