CVE-2015-1454

Name of the Vulnerable Software and Affected Versions Blue Coat ProxyClient versions prior to 3.3.3.3 Blue Coat ProxyClient versions 3.4.x prior to 3.4.4.10 Blue Coat Unified Agent versions prior to 4.1.3.151952

Description The issue allows man-in-the-middle attackers to spoof ProxySG Client Managers by using a crafted certificate, due to improper validation of certain certificates. This can lead to modification of configurations and execution of arbitrary software updates.

Recommendations For Blue Coat ProxyClient versions prior to 3.3.3.3, update to version 3.3.3.3 or later. For Blue Coat ProxyClient versions 3.4.x prior to 3.4.4.10, update to version 3.4.4.10 or later. For Blue Coat Unified Agent versions prior to 4.1.3.151952, update to version 4.1.3.151952 or later.