Garret Wassermann

**Name of the Vulnerable Software and Affected Versions** Pearson ProctorCache versions prior to 2015.1.17 **Description** The issue allows remote attackers to modify test metadata or cause a denial of service by leveraging knowledge of a hardcoded password used across different customers' installations. **Recommendations** For versions prior to 2015.1.17, update to version 2015.1.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Blue Coat Malware Analysis appliance versions prior to 4.2.4.20150312-RELEASE **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions prior to 4.2.4.20150312-RELEASE, update to version 4.2.4.20150312-RELEASE or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Blue Coat Malware Analysis appliance versions prior to 4.2.4.20150312-RELEASE **Description** The issue allows remote attackers to bypass intended access restrictions and list or read arbitrary documents by providing matching keywords in conjunction with a crafted parameter in the search.php file. **Recommendations** For versions prior to 4.2.4.20150312-RELEASE, update to version 4.2.4.20150312-RELEASE or later to resolve the issue. As a temporary workaround, consider restricting access to the search.php file until a patch is applied. Avoid using crafted parameters in conjunction with matching keywords in the search.php file until the issue is resolved.