Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/498348 | US Government Resource |
http://www.securityfocus.com/bid/74921 | |
https://bto.bluecoat.com/security-advisory/sa96 | |
http://www.kb.cert.org/vuls/id/498348 | US Government Resource |
http://www.securityfocus.com/bid/74921 | |
https://bto.bluecoat.com/security-advisory/sa96 |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 02:28
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/498348 - US Government Resource | |
References | () http://www.securityfocus.com/bid/74921 - | |
References | () https://bto.bluecoat.com/security-advisory/sa96 - |
Information
Published : 2015-05-30 19:59
Updated : 2024-11-21 02:28
NVD link : CVE-2015-2853
Mitre link : CVE-2015-2853
CVE.ORG link : CVE-2015-2853
JSON object : View
Products Affected
blue_coat
- ssl_visibility_appliance_sv800
- ssl_visibility_appliance_sv2800
- ssl_visibility_appliance_sv800_firmware
- ssl_visibility_appliance_sv3800_firmware
- ssl_visibility_appliance_sv3800
- ssl_visibility_appliance_sv1800
- ssl_visibility_appliance_sv1800_firmware
- ssl_visibility_appliance_sv2800_firmware
CWE