Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2033

Overview

Vulnerability Score 7.9 7.9
CVE Id CVE-2014-2033
Last Modified 03 Mar 2014 01:10:15
Published 02 Mar 2014 12:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2033

Summary

The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials.

Vulnerable Systems

Operating System

  • Bluecoat Proxysgos 5.5

  • Bluecoat Proxysgos 5.5.11

  • Bluecoat Proxysgos 6.1

  • Bluecoat Proxysgos 6.1.6.3

  • Bluecoat Proxysgos 6.2

  • Bluecoat Proxysgos 6.2.15.3

  • Bluecoat Proxysgos 6.3

  • Bluecoat Proxysgos 6.4

  • Bluecoat Proxysgos 6.4.6.1

  • Bluecoat Proxysgos 6.5


References

CERT-VN - VU#221620

CONFIRM - https://kb.bluecoat.com/index?page=content&id=SA77


Last Updated: 27 May 2016 11:04:31