PT-2015-5938 · Blue Coat · Blue Coat Ssl Visibility Appliance

Tim Malcomvetter

Published

2015-05-30

Updated

2016-12-03

CVE-2015-2853

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Blue Coat SSL Visibility Appliance versions 3.6.x through 3.8.x before 3.8.4

Description The issue allows remote attackers to hijack web sessions by providing a session ID. This is related to a session fixation vulnerability in the WebUI component.

Recommendations For versions 3.6.x through 3.8.x before 3.8.4, update to version 3.8.4 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2015-2853

Affected Products

Blue Coat Ssl Visibility Appliance

PT-2015-5938 · Blue Coat · Blue Coat Ssl Visibility Appliance

CVE-2015-2853

Related Identifiers

Affected Products

References · 4