Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Blue Coat ASG by Symantec Corporation

    CVE-2016-9091 (GCVE-0-2016-9091)

    Vulnerability from nvd – Published: 2017-04-05 15:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges.
    Severity
    No CVSS data available.
    CWE
    • OS command injection
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/97372 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/41785/ exploitx_refsource_EXPLOIT-DB
    https://www.exploit-db.com/exploits/41786/ exploitx_refsource_EXPLOIT-DB
    https://bto.bluecoat.com/security-advisory/sa138 x_refsource_CONFIRM
    Impacted products
    Date Public
    2017-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:10.359Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "97372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/97372"
              },
              {
                "name": "41785",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/41785/"
              },
              {
                "name": "41786",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/41786/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bto.bluecoat.com/security-advisory/sa138"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Blue Coat ASG",
              "vendor": "Symantec Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.6 prior to 6.6.5.4"
                }
              ]
            },
            {
              "product": "Blue Coat CAS",
              "vendor": "Symantec Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3 prior to 1.3.7.4"
                }
              ]
            }
          ],
          "datePublic": "2017-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-15T09:57:01.000Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "name": "97372",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/97372"
            },
            {
              "name": "41785",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/41785/"
            },
            {
              "name": "41786",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/41786/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bto.bluecoat.com/security-advisory/sa138"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@symantec.com",
              "ID": "CVE-2016-9091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Blue Coat ASG",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.6 prior to 6.6.5.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Blue Coat CAS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.3 prior to 1.3.7.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Symantec Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "OS command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "97372",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/97372"
                },
                {
                  "name": "41785",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/41785/"
                },
                {
                  "name": "41786",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/41786/"
                },
                {
                  "name": "https://bto.bluecoat.com/security-advisory/sa138",
                  "refsource": "CONFIRM",
                  "url": "https://bto.bluecoat.com/security-advisory/sa138"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2016-9091",
        "datePublished": "2017-04-05T15:00:00.000Z",
        "dateReserved": "2016-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:10.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9091 (GCVE-0-2016-9091)

    Vulnerability from cvelistv5 – Published: 2017-04-05 15:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges.
    Severity
    No CVSS data available.
    CWE
    • OS command injection
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/97372 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/41785/ exploitx_refsource_EXPLOIT-DB
    https://www.exploit-db.com/exploits/41786/ exploitx_refsource_EXPLOIT-DB
    https://bto.bluecoat.com/security-advisory/sa138 x_refsource_CONFIRM
    Impacted products
    Date Public
    2017-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:10.359Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "97372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/97372"
              },
              {
                "name": "41785",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/41785/"
              },
              {
                "name": "41786",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/41786/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bto.bluecoat.com/security-advisory/sa138"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Blue Coat ASG",
              "vendor": "Symantec Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.6 prior to 6.6.5.4"
                }
              ]
            },
            {
              "product": "Blue Coat CAS",
              "vendor": "Symantec Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3 prior to 1.3.7.4"
                }
              ]
            }
          ],
          "datePublic": "2017-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-15T09:57:01.000Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "name": "97372",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/97372"
            },
            {
              "name": "41785",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/41785/"
            },
            {
              "name": "41786",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/41786/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bto.bluecoat.com/security-advisory/sa138"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@symantec.com",
              "ID": "CVE-2016-9091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Blue Coat ASG",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.6 prior to 6.6.5.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Blue Coat CAS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.3 prior to 1.3.7.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Symantec Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "OS command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "97372",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/97372"
                },
                {
                  "name": "41785",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/41785/"
                },
                {
                  "name": "41786",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/41786/"
                },
                {
                  "name": "https://bto.bluecoat.com/security-advisory/sa138",
                  "refsource": "CONFIRM",
                  "url": "https://bto.bluecoat.com/security-advisory/sa138"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2016-9091",
        "datePublished": "2017-04-05T15:00:00.000Z",
        "dateReserved": "2016-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:10.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }