Vulnerability CVE-2016-10259


Published: 2017-04-11

Description:
Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server.

Type:

CWE-399

(Resource Management Errors)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Bluecoat -> Ssl visibility appliance sv2800 firmware 
Bluecoat -> Ssl visibility appliance sv1800 firmware 
Bluecoat -> Ssl visibility appliance sv800 firmware 
Bluecoat -> Ssl visibility appliance sv3800 firmware 

 References:
http://www.securityfocus.com/bid/97525
https://bto.bluecoat.com/security-advisory/sa142
https://www.symantec.com/security-center/network-protection-security-advisories/SA142

Copyright 2024, cxsecurity.com

 

Back to Top