Vulnerability CVE-2010-5192


Published: 2012-08-26   Modified: 2012-08-27

Description:
Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Bluecoat -> SGOS 
Bluecoat -> Proxysg 
Bluecoat -> Proxysg sg210-10 
Bluecoat -> Proxysg sg210-25 
Bluecoat -> Proxysg sg210-5 
Bluecoat -> Proxysg sg510-10 
Bluecoat -> Proxysg sg510-20 
Bluecoat -> Proxysg sg510-25 
Bluecoat -> Proxysg sg510-5 
Bluecoat -> Proxysg sg810-10 
Bluecoat -> Proxysg sg810-20 
Bluecoat -> Proxysg sg810-25 
Bluecoat -> Proxysg sg810-5 
Bluecoat -> Proxysg sg9000-10 
Bluecoat -> Proxysg sg9000-20 
Bluecoat -> Proxysg sg9000-5 

 References:
http://securitytracker.com/id?1024503
http://www.securityfocus.com/bid/43675
http://www.vupen.com/english/advisories/2010/2562
https://exchange.xforce.ibmcloud.com/vulnerabilities/62240
https://kb.bluecoat.com/index?page=content&id=SA47

Copyright 2024, cxsecurity.com

 

Back to Top