CVE-2015-2852
Summary
| CVE | CVE-2015-2852 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-05-30 19:59:00 UTC |
| Updated | 2016-12-03 03:07:00 UTC |
| Description | Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators. |
Risk And Classification
Problem Types: CWE-352
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Blue Coat | Ssl Visibility Appliance Sv1800 | - | All | All | All |
| Hardware | Blue Coat | Ssl Visibility Appliance Sv1800 | - | All | All | All |
| Operating System | Blue Coat | Ssl Visibility Appliance Sv1800 Firmware | All | All | All | All |
| Hardware | Blue Coat | Ssl Visibility Appliance Sv2800 | - | All | All | All |
| Hardware | Blue Coat | Ssl Visibility Appliance Sv2800 | - | All | All | All |
| Operating System | Blue Coat | Ssl Visibility Appliance Sv2800 Firmware | All | All | All | All |
| Hardware | Blue Coat | Ssl Visibility Appliance Sv3800 | - | All | All | All |
| Hardware | Blue Coat | Ssl Visibility Appliance Sv3800 | - | All | All | All |
| Operating System | Blue Coat | Ssl Visibility Appliance Sv3800 Firmware | All | All | All | All |
| Hardware | Blue Coat | Ssl Visibility Appliance Sv800 | - | All | All | All |
| Hardware | Blue Coat | Ssl Visibility Appliance Sv800 | - | All | All | All |
| Operating System | Blue Coat | Ssl Visibility Appliance Sv800 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Broadcom Support Portal | CONFIRM | bto.bluecoat.com | Vendor Advisory |
| Vulnerability Note VU#498348 - Blue Coat SSL Visibility Appliance contains multiple vulnerabilities | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| Blue Coat Multiple SSL Visibility Appliances Multiple Security Vulnerabilities | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.