FKIE_CVE-2016-10259

Vulnerability from fkie_nvd - Published: 2017-04-11 14:59 - Updated: 2025-04-20 01:37
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server.
References
secure@symantec.comhttp://www.securityfocus.com/bid/97525Third Party Advisory, VDB Entry
secure@symantec.comhttps://bto.bluecoat.com/security-advisory/sa142Vendor Advisory
secure@symantec.comhttps://www.symantec.com/security-center/network-protection-security-advisories/SA142
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/97525Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bto.bluecoat.com/security-advisory/sa142Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.symantec.com/security-center/network-protection-security-advisories/SA142
Impacted products
Vendor Product Version
bluecoat ssl_visibility_appliance_sv1800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv1800_firmware 3.9
bluecoat ssl_visibility_appliance_sv1800_firmware 3.10
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11.1.1
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv1800 -
bluecoat ssl_visibility_appliance_sv800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv800_firmware 3.9
bluecoat ssl_visibility_appliance_sv800_firmware 3.10
bluecoat ssl_visibility_appliance_sv800_firmware 3.11
bluecoat ssl_visibility_appliance_sv800_firmware 3.11.1.1
bluecoat ssl_visibility_appliance_sv800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv800 -
bluecoat ssl_visibility_appliance_sv3800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv3800_firmware 3.9
bluecoat ssl_visibility_appliance_sv3800_firmware 3.10
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11.1.1
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv3800 -
bluecoat ssl_visibility_appliance_sv2800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv2800_firmware 3.9
bluecoat ssl_visibility_appliance_sv2800_firmware 3.10
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11.1.1
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv2800 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv1800_firmware:3.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6E120-7880-410E-A119-CD348894471B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv1800_firmware:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F161E0-B0F2-4516-817B-8581D398B47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv1800_firmware:3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "424E4E7A-0215-439D-9CF9-58A4D420772D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv1800_firmware:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "60974CE1-9469-4302-A20B-C1A01D00EEC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv1800_firmware:3.11.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA482EE3-6DD5-4B41-A317-7782EF54DDD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv1800_firmware:3.11.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73657251-381C-40AB-B731-1D7D727E6E42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv1800_firmware:3.11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D39C16E0-81A9-466D-AE78-1D7AE9FAFEF8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:bluecoat:ssl_visibility_appliance_sv1800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDBD7D36-8599-427A-B397-B7443B864B81",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv800_firmware:3.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFEB60C-43EC-4D24-840C-410B5C256761",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv800_firmware:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF1D9B5-103A-4379-AE90-223BB4672A36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv800_firmware:3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A056B850-DE63-47AF-8D91-464B6F702D88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv800_firmware:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5290154-4079-49A2-A02A-13DA0D37B069",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv800_firmware:3.11.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD856EDC-EEFD-489C-A80A-0A56D5CD385C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv800_firmware:3.11.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C9FC05-EBF0-4647-8523-9A6FE56AF3D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv800_firmware:3.11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74C6EA1A-B64F-4E07-9311-AF15B4866A5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:bluecoat:ssl_visibility_appliance_sv800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A4C04F5-F848-46C6-8042-C8C8D3185DF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv3800_firmware:3.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "768238C0-E300-4242-B98A-2EC776E7E6ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv3800_firmware:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "98BD9F92-EF2F-4FAA-A7A6-81755BFC8D5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv3800_firmware:3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6667057C-E17B-4BD2-872E-AB2F0B34FD70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv3800_firmware:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF97CAD-E3FA-4749-973D-D769E61679CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv3800_firmware:3.11.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F232607-EC3D-4059-BA8D-A8ADAAD79B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv3800_firmware:3.11.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA570F5C-2D36-4F4F-84B2-97B795DF05F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv3800_firmware:3.11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC884D99-F68C-4D05-B1B2-6376C7757C43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:bluecoat:ssl_visibility_appliance_sv3800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD1D419-3EFA-4A72-A022-D1DE9C2DAA1C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv2800_firmware:3.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D02D12FA-47E2-4FF1-B0CC-58B6BE35CB2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv2800_firmware:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9474C88E-E9DB-428B-ADC9-8C41B3DA6CE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv2800_firmware:3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B9B9A3-A642-4827-A677-550A41481637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv2800_firmware:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AD81B90-9F01-4320-899C-C10267226417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv2800_firmware:3.11.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7106365-8624-491E-9CA6-FBDA0BB9705F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv2800_firmware:3.11.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06A5C31-4934-4329-AC68-F66F6F30CA92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:bluecoat:ssl_visibility_appliance_sv2800_firmware:3.11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D212D919-5AB1-4725-88C1-694987E98563",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:bluecoat:ssl_visibility_appliance_sv2800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4F5439C-9000-4DC2-8AB6-A744F5638A15",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server."
    },
    {
      "lang": "es",
      "value": "Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 anterior a 3.10.4.1 y versiones 3.11 anteriores a la 3.11.3.1 es susceptible a una vulnerabilidad de denegaci\u00f3n de servicio (DoS) que impacta en los servidores SSL para las conexiones SSL interceptadas. Un cliente SSL puede, bajo ciertas circunstancias, agotar temporalmente el grupo de conexiones TCP de un servidor SSL."
    }
  ],
  "id": "CVE-2016-10259",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-11T14:59:00.163",
  "references": [
    {
      "source": "secure@symantec.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97525"
    },
    {
      "source": "secure@symantec.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bto.bluecoat.com/security-advisory/sa142"
    },
    {
      "source": "secure@symantec.com",
      "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bto.bluecoat.com/security-advisory/sa142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA142"
    }
  ],
  "sourceIdentifier": "secure@symantec.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.