VAR-201404-0677
Vulnerability from variot - Updated: 2022-05-04 10:01The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection.". Blue Coat Content Analysis System is prone to a remote command-injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary commands in context of the affected application. Successful exploits may compromise the affected application. Blue Coat Content Analysis System versions 1.1.1.1, 1.1.2.1, and 1.1.3.1 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0677",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "content analysis system software",
"scope": "eq",
"trust": 1.6,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 1.6,
"vendor": "bluecoat",
"version": "1.1.1.1"
},
{
"model": "content analysis system",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "content analysis system software",
"scope": "lte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "1.1.2.1"
},
{
"model": "content analysis system",
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": "content analysis system software",
"scope": "lt",
"trust": 0.8,
"vendor": "blue coat",
"version": "1.1 thats all 1.1.4.2"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "1.1.2.1"
},
{
"model": "coat systems content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "1.1.3.1"
},
{
"model": "coat systems content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "1.1.2.1"
},
{
"model": "coat systems content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "1.1.1.1"
},
{
"model": "coat systems content analysis system",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "1.1.4.2"
}
],
"sources": [
{
"db": "BID",
"id": "67519"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-606"
},
{
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bluecoat:content_analysis_system_software:1.1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bluecoat:content_analysis_system_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bluecoat:content_analysis_system_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bluecoat:content_analysis_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bluecoat:content_analysis_system_software:1.1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bluecoat:content_analysis_system_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bluecoat:content_analysis_system_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:bluecoat:content_analysis_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "67519"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2565",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.5,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2014-2565",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2565",
"trust": 1.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-606",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-606"
},
{
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to \"command injection.\". Blue Coat Content Analysis System is prone to a remote command-injection vulnerability. \nSuccessfully exploiting this issue may allow an attacker to execute arbitrary commands in context of the affected application. Successful exploits may compromise the affected application. \nBlue Coat Content Analysis System versions 1.1.1.1, 1.1.2.1, and 1.1.3.1 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"db": "BID",
"id": "67519"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2565",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002331",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201404-606",
"trust": 0.6
},
{
"db": "BID",
"id": "67519",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "67519"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-606"
},
{
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"id": "VAR-201404-0677",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.11111111
},
"last_update_date": "2022-05-04T10:01:31.363000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SA78",
"trust": 0.8,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa78\u0026actp=list"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa78\u0026actp=list"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2565"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2565"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/products/content-analysis-system"
}
],
"sources": [
{
"db": "BID",
"id": "67519"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-606"
},
{
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "67519"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-606"
},
{
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-19T00:00:00",
"db": "BID",
"id": "67519"
},
{
"date": "2014-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"date": "2014-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-606"
},
{
"date": "2014-04-30T14:22:00",
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-19T00:00:00",
"db": "BID",
"id": "67519"
},
{
"date": "2014-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002331"
},
{
"date": "2014-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-606"
},
{
"date": "2014-05-01T13:49:00",
"db": "NVD",
"id": "CVE-2014-2565"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-606"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Blue Coat Content Analysis System Command line interface arbitrary command execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002331"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-606"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…