1. Home
  2. CVE Database
  3. CVE-2010-5190
MEDIUM · 5.0

CVE-2010-5190

The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypas...

Vulnerability Description

The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
BluecoatSgos<= 4.3.4
BluecoatProxysgAll versions
BluecoatProxysg Sg210-10-
BluecoatProxysg Sg210-25-
BluecoatProxysg Sg210-5-
BluecoatProxysg Sg510-10-
BluecoatProxysg Sg510-20-
BluecoatProxysg Sg510-25-
BluecoatProxysg Sg510-5-
BluecoatProxysg Sg810-10-
BluecoatProxysg Sg810-20-
BluecoatProxysg Sg810-25-
BluecoatProxysg Sg810-5-
BluecoatProxysg Sg9000-10-
BluecoatProxysg Sg9000-20-
BluecoatProxysg Sg9000-5-

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2010-5190?

CVE-2010-5190 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypas...

How severe is CVE-2010-5190?

CVE-2010-5190 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-5190?

Check the references section above for vendor advisories and patch information. Affected products include: Bluecoat Sgos, Bluecoat Proxysg, Bluecoat Proxysg Sg210-10, Bluecoat Proxysg Sg210-25, Bluecoat Proxysg Sg210-5.