Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2566

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-2566
Last Modified 18 Aug 2012 11:44:21
Published 08 Jun 2012 08:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2566

Summary

Bloxx Web Filtering before 5.0.14 does not properly interpret X-Forwarded-For headers during access-control and logging operations for HTTPS connection attempts, which allows remote attackers to bypass intended IP address and domain restrictions, and trigger misleading log entries, via a crafted header.

Vulnerable Systems

Application

  • Bloxx Web Filtering 5.0.13


References

CERT-VN - VU#722963

CONFIRM - http://www.kb.cert.org/vuls/id/MAPG-8R9LBY

BID - 53715


Last Updated: 27 May 2016 10:47:11