CVE-2014-2033
Summary
| CVE | CVE-2014-2033 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-03-02 17:55:00 UTC |
| Updated | 2018-12-12 16:59:00 UTC |
| Description | The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Bluecoat | Proxysgos | All | All | All | All |
| Operating System | Bluecoat | Proxysgos | 6.3 | All | All | All |
| Operating System | Bluecoat | Proxysgos | All | All | All | All |
| Operating System | Bluecoat | Proxysgos | 6.3 | All | All | All |
| Operating System | Bluecoat | Proxysgos | All | All | All | All |
| Operating System | Bluecoat | Proxysgos | All | All | All | All |
| Operating System | Bluecoat | Proxysgos | All | All | All | All |
| Operating System | Bluecoat | Proxysgos | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Bluecoat Knowledge Base | CONFIRM | kb.bluecoat.com | Vendor Advisory |
| Vulnerability Note VU#221620 - Blue Coat ProxySG local user changes contain a time and state vulnerability | CERT-VN | www.kb.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.