Vulnerability Details CVE-2008-4515
Blue Coat K9 Web Protection 4.0.230 Beta relies on client-side JavaScript as a protection mechanism, which allows remote attackers to bypass authentication and access the (1) summary, (2) detail, (3) overrides, and (4) pwemail pages by disabling JavaScript.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://dicas3000.blogspot.com/2008/10/blue-coat-k9-web-protection-v40230-beta.html
- http://seclists.org/fulldisclosure/2008/Oct/0070.html
- http://www.securityfocus.com/bid/31584
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45696
- http://dicas3000.blogspot.com/2008/10/blue-coat-k9-web-protection-v40230-beta.html
- http://seclists.org/fulldisclosure/2008/Oct/0070.html
- http://www.securityfocus.com/bid/31584
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45696
Products affected by CVE-2008-4515
-
cpe:2.3:a:blue_coat_systems:k9_web_protection:4.0.230