Описание
The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.4 (включая)
Одновременно
Одно из
cpe:2.3:o:bluecoat:sgos:*:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:3.2.6:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.1.2.1:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.1.2:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.1.6:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.2.2:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.3:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.3.4:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.3.7:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.3.12:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.3.21:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.3.26:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.4.1:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.5:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.5.1:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.6:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.6.1:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.6.4:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:4.2.7.1:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:5.2.2.4:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:5.4.5:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:5.5.4:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:sgos:6.1.2:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg210-10:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg210-25:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg210-5:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg510-10:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg510-20:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg510-25:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg510-5:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg810-10:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg810-20:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg810-25:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg810-5:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg9000-10:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg9000-20:-:-:full_proxy:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:acceleration:*:*:*:*:*
cpe:2.3:h:bluecoat:proxysg_sg9000-5:-:-:full_proxy:*:*:*:*:*
EPSS
Процентиль: 37%
0.00158
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.
EPSS
Процентиль: 37%
0.00158
Низкий
5 Medium
CVSS2
Дефекты
CWE-264