CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-1454

Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.5%

CVSS Severity

CVSS v2 Score 7.1

References

http://secunia.com/advisories/62617
https://bto.bluecoat.com/security-advisory/sa89
http://secunia.com/advisories/62617
https://bto.bluecoat.com/security-advisory/sa89

Products affected by CVE-2015-1454

Bluecoat » Proxyclient » Version: 3.3

cpe:2.3:a:bluecoat:proxyclient:3.3
Bluecoat » Proxyclient » Version: 3.3.3.2

cpe:2.3:a:bluecoat:proxyclient:3.3.3.2
Bluecoat » Proxyclient » Version: 3.4

cpe:2.3:a:bluecoat:proxyclient:3.4
Bluecoat » Proxyclient » Version: 3.4.4.9

cpe:2.3:a:bluecoat:proxyclient:3.4.4.9
Bluecoat » Unified Agent » Version: 4.1.3

cpe:2.3:a:bluecoat:unified_agent:4.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1454

Products

Pricing

Contact Us