CVE-2015-2853

Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:blue_coat:ssl_visibility_appliance_sv3800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:blue_coat:ssl_visibility_appliance_sv3800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:blue_coat:ssl_visibility_appliance_sv2800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:blue_coat:ssl_visibility_appliance_sv2800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:blue_coat:ssl_visibility_appliance_sv1800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:blue_coat:ssl_visibility_appliance_sv1800:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:blue_coat:ssl_visibility_appliance_sv800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:blue_coat:ssl_visibility_appliance_sv800:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:28

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/498348 - US Government Resource () http://www.kb.cert.org/vuls/id/498348 - US Government Resource
References () http://www.securityfocus.com/bid/74921 - () http://www.securityfocus.com/bid/74921 -
References () https://bto.bluecoat.com/security-advisory/sa96 - () https://bto.bluecoat.com/security-advisory/sa96 -

Information

Published : 2015-05-30 19:59

Updated : 2024-11-21 02:28


NVD link : CVE-2015-2853

Mitre link : CVE-2015-2853

CVE.ORG link : CVE-2015-2853


JSON object : View

Products Affected

blue_coat

  • ssl_visibility_appliance_sv800
  • ssl_visibility_appliance_sv2800
  • ssl_visibility_appliance_sv800_firmware
  • ssl_visibility_appliance_sv3800_firmware
  • ssl_visibility_appliance_sv3800
  • ssl_visibility_appliance_sv1800
  • ssl_visibility_appliance_sv1800_firmware
  • ssl_visibility_appliance_sv2800_firmware