CVE-2005-1708

Name of the Vulnerable Software and Affected Versions Blue Coat Reporter versions prior to 7.1.2

Description The issue allows authenticated users to gain administrator privileges via an HTTP POST request. This is achieved by setting the volatile.user.administrator variable to true.

Recommendations For versions prior to 7.1.2, update to version 7.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the templates.admin.users.user form processing template to prevent exploitation.