Tim Malcomvetter

Researcher fromFishNet Security
#21562of 53,633
11.1Total CVSS
Vulnerabilities · 2
Medium
2
PT-2015-5937
4.3
2015-05-30
Blue Coat · Blue Coat Ssl Visibility Appliance · CVE-2015-2852
**Name of the Vulnerable Software and Affected Versions** Blue Coat SSL Visibility Appliance versions 3.6.x through 3.8.x before 3.8.4 **Description** A cross-site request forgery (CSRF) issue in the WebUI component allows remote attackers to hijack the authentication of administrators. **Recommendations** For versions 3.6.x through 3.8.x before 3.8.4, update to version 3.8.4 or later to resolve the issue.
PT-2015-5938
6.8
2015-05-30
Blue Coat · Blue Coat Ssl Visibility Appliance · CVE-2015-2853
**Name of the Vulnerable Software and Affected Versions** Blue Coat SSL Visibility Appliance versions 3.6.x through 3.8.x before 3.8.4 **Description** The issue allows remote attackers to hijack web sessions by providing a session ID. This is related to a session fixation vulnerability in the WebUI component. **Recommendations** For versions 3.6.x through 3.8.x before 3.8.4, update to version 3.8.4 or later to resolve the issue.