CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-2566

Bloxx Web Filtering before 5.0.14 does not properly interpret X-Forwarded-For headers during access-control and logging operations for HTTPS connection attempts, which allows remote attackers to bypass intended IP address and domain restrictions, and trigger misleading log entries, via a crafted header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.6%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.kb.cert.org/vuls/id/722963
http://www.kb.cert.org/vuls/id/MAPG-8R9LBY
http://www.securityfocus.com/bid/53715
http://www.kb.cert.org/vuls/id/722963
http://www.kb.cert.org/vuls/id/MAPG-8R9LBY
http://www.securityfocus.com/bid/53715

Products affected by CVE-2012-2566

Bloxx » Web Filtering » Version: Any

cpe:2.3:a:bloxx:web_filtering:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2566

Products

Pricing

Contact Us