CVE-2012-2566

Name of the Vulnerable Software and Affected Versions Bloxx Web Filtering versions prior to 5.0.14

Description The issue allows remote attackers to bypass intended IP address and domain restrictions, and trigger misleading log entries, via a crafted X-Forwarded-For header during access-control and logging operations for HTTPS connection attempts.

Recommendations For versions prior to 5.0.14, update to version 5.0.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the HTTPS connection attempts until the update is applied.