CVE-2015-2852 — MEDIUM (4.3)

Q: How severe is CVE-2015-2852?

CVE-2015-2852 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-2852?

Check the references section above for vendor advisories and patch information. Affected products include: Blue Coat Ssl Visibility Appliance Sv2800 Firmware, Blue Coat Ssl Visibility Appliance Sv2800, Blue Coat Ssl Visibility Appliance Sv1800 Firmware, Blue Coat Ssl Visibility Appliance Sv1800, Blue Coat Ssl Visibility Appliance Sv3800 Firmware.

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Blue Coat	Ssl Visibility Appliance Sv2800 Firmware	<= 3.8.3
Blue Coat	Ssl Visibility Appliance Sv2800	-
Blue Coat	Ssl Visibility Appliance Sv1800 Firmware	<= 3.8.3
Blue Coat	Ssl Visibility Appliance Sv1800	-
Blue Coat	Ssl Visibility Appliance Sv3800 Firmware	<= 3.8.3
Blue Coat	Ssl Visibility Appliance Sv3800	-
Blue Coat	Ssl Visibility Appliance Sv800 Firmware	<= 3.8.3
Blue Coat	Ssl Visibility Appliance Sv800	-

Related Weaknesses (CWE)

CWE-352

References

http://www.kb.cert.org/vuls/id/498348Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/74921
https://bto.bluecoat.com/security-advisory/sa96Vendor Advisory
http://www.kb.cert.org/vuls/id/498348Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/74921
https://bto.bluecoat.com/security-advisory/sa96Vendor Advisory

FAQ

What is CVE-2015-2852?

CVE-2015-2852 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers ...

How severe is CVE-2015-2852?

CVE-2015-2852 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-2852?

Check the references section above for vendor advisories and patch information. Affected products include: Blue Coat Ssl Visibility Appliance Sv2800 Firmware, Blue Coat Ssl Visibility Appliance Sv2800, Blue Coat Ssl Visibility Appliance Sv1800 Firmware, Blue Coat Ssl Visibility Appliance Sv1800, Blue Coat Ssl Visibility Appliance Sv3800 Firmware.