Search criteria
5 vulnerabilities found for proxysgos by bluecoat
VAR-201403-0228
Vulnerability from variot - Updated: 2025-04-13 23:22The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials. (CWE-361). Blue Coat Provided by ProxySG Contains a vulnerability with a time lag between the change of the authentication information and the reflection. Blue Coat Provided by ProxySG Since the old authentication information is stored in the cache, the maximum time from the change of the authentication information to the reflection 15 Vulnerability with a time difference of about minutes (CWE-361) Exists. In addition, if other password-related processing such as login with a new account or denial of authentication due to an incorrect password is performed, this time difference will be reduced. CWE-361: Time and State https://cwe.mitre.org/data/definitions/361.htmlEven if the authentication information is changed, the maximum 15 You may be logged in with your old account for a minute. Blue Coat ProxySG is a set of secure Web gateway devices from Blue Coat, USA. The device provides user authentication, web filtering, data loss protection and more to control all web traffic. Blue Coat ProxySG has a security vulnerability in the SGOS caching feature
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0228",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "proxysgos",
"scope": "eq",
"trust": 1.6,
"vendor": "bluecoat",
"version": "6.3"
},
{
"model": "proxysgos",
"scope": "lte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.4.6.1"
},
{
"model": "proxysgos",
"scope": "lt",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.5.4"
},
{
"model": "proxysgos",
"scope": "gte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "proxysgos",
"scope": "gte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "proxysgos",
"scope": "gte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.4"
},
{
"model": "proxysgos",
"scope": "gte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.2"
},
{
"model": "proxysgos",
"scope": "gte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "proxysgos",
"scope": "lte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.2.15.3"
},
{
"model": "proxysgos",
"scope": "lte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "6.1.6.3"
},
{
"model": "proxysgos",
"scope": "lte",
"trust": 1.0,
"vendor": "bluecoat",
"version": "5.5.11.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": "proxysg",
"scope": "lt",
"trust": 0.8,
"vendor": "blue coat",
"version": "6.5.4 earlier"
},
{
"model": "coat proxysg",
"scope": "lte",
"trust": 0.6,
"vendor": "blue",
"version": "\u003c=5.5.11"
},
{
"model": "coat proxysg",
"scope": "lte",
"trust": 0.6,
"vendor": "blue",
"version": "\u003c=6.1.6.3"
},
{
"model": "coat proxysg",
"scope": "lte",
"trust": 0.6,
"vendor": "blue",
"version": "\u003c=6.2.15.3"
},
{
"model": "coat proxysg",
"scope": "lte",
"trust": 0.6,
"vendor": "blue",
"version": "\u003c=6.4.6.1"
},
{
"model": "coat proxysg",
"scope": "lte",
"trust": 0.6,
"vendor": "blue",
"version": "\u003c=6.5"
},
{
"model": "coat proxysg",
"scope": "eq",
"trust": 0.6,
"vendor": "blue",
"version": "6.4"
},
{
"model": "coat proxysg",
"scope": "eq",
"trust": 0.6,
"vendor": "blue",
"version": "6.3"
},
{
"model": "coat proxysg",
"scope": "eq",
"trust": 0.6,
"vendor": "blue",
"version": "6.2"
},
{
"model": "coat proxysg",
"scope": "eq",
"trust": 0.6,
"vendor": "blue",
"version": "6.1"
},
{
"model": "coat proxysg",
"scope": "eq",
"trust": 0.6,
"vendor": "blue",
"version": "5.5"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "6.4"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "6.2"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "6.4.6.1"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "5.5.11"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "6.1.6.3"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.6,
"vendor": "bluecoat",
"version": "6.2.15.3"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "6.5"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "6.4"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "6.3"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "6.2"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "6.1"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.5"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.4"
},
{
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "6.5.4"
},
{
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.5.113"
},
{
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "6.4.6.1"
},
{
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "6.2.15.3"
},
{
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "6.1.6.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#221620"
},
{
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"db": "BID",
"id": "66054"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-020"
},
{
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:bluecoat:proxysgos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "66054"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2033",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.5,
"id": "CVE-2014-2033",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 4.6,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 4.4,
"id": "CVE-2014-2033",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.4,
"id": "CNVD-2014-01436",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2033",
"trust": 1.6,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2033",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-01436",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-020",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#221620"
},
{
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-020"
},
{
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials. (CWE-361). Blue Coat Provided by ProxySG Contains a vulnerability with a time lag between the change of the authentication information and the reflection. Blue Coat Provided by ProxySG Since the old authentication information is stored in the cache, the maximum time from the change of the authentication information to the reflection 15 Vulnerability with a time difference of about minutes (CWE-361) Exists. In addition, if other password-related processing such as login with a new account or denial of authentication due to an incorrect password is performed, this time difference will be reduced. CWE-361: Time and State https://cwe.mitre.org/data/definitions/361.htmlEven if the authentication information is changed, the maximum 15 You may be logged in with your old account for a minute. Blue Coat ProxySG is a set of secure Web gateway devices from Blue Coat, USA. The device provides user authentication, web filtering, data loss protection and more to control all web traffic. Blue Coat ProxySG has a security vulnerability in the SGOS caching feature",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2033"
},
{
"db": "CERT/CC",
"id": "VU#221620"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"db": "BID",
"id": "66054"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/221620",
"trust": 0.8,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#221620"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#221620",
"trust": 4.1
},
{
"db": "NVD",
"id": "CVE-2014-2033",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVNVU93097036",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-01436",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201403-020",
"trust": 0.6
},
{
"db": "BID",
"id": "66054",
"trust": 0.3
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#221620"
},
{
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"db": "BID",
"id": "66054"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-020"
},
{
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"id": "VAR-201403-0228",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01436"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01436"
}
]
},
"last_update_date": "2025-04-13T23:22:39.458000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bluecoat Knowledge Base - Changes to ProxySG local users are delayed",
"trust": 0.8,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA77"
},
{
"title": "Blue Coat ProxySG vulnerable patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/44054"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
},
{
"problemtype": "CWE-361",
"trust": 0.8
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#221620"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.kb.cert.org/vuls/id/221620"
},
{
"trust": 2.7,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa77"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/361.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2033"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93097036/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2033"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/products/sg"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#221620"
},
{
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"db": "BID",
"id": "66054"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-020"
},
{
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#221620"
},
{
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"db": "BID",
"id": "66054"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-020"
},
{
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-28T00:00:00",
"db": "CERT/CC",
"id": "VU#221620"
},
{
"date": "2014-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"date": "2014-02-25T00:00:00",
"db": "BID",
"id": "66054"
},
{
"date": "2014-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"date": "2014-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-020"
},
{
"date": "2014-03-02T17:55:02.893000",
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-28T00:00:00",
"db": "CERT/CC",
"id": "VU#221620"
},
{
"date": "2014-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01436"
},
{
"date": "2014-02-25T00:00:00",
"db": "BID",
"id": "66054"
},
{
"date": "2014-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001544"
},
{
"date": "2014-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-020"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-2033"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-020"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Blue Coat ProxySG local user changes contain a time and state vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#221620"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-020"
}
],
"trust": 0.6
}
}
CVE-2014-2033 (GCVE-0-2014-2033)
Vulnerability from nvd – Published: 2014-03-02 17:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#221620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/221620"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA77"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-02T16:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#221620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/221620"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA77"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#221620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221620"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA77",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA77"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2033",
"datePublished": "2014-03-02T17:00:00",
"dateReserved": "2014-02-19T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5959 (GCVE-0-2013-5959)
Vulnerability from nvd – Published: 2013-09-28 19:00 – Updated: 2024-08-06 17:29
VLAI?
Summary
Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:41.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54991"
},
{
"name": "97767",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/97767"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA75"
},
{
"name": "1029088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029088"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54991"
},
{
"name": "97767",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/97767"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA75"
},
{
"name": "1029088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029088"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54991"
},
{
"name": "97767",
"refsource": "OSVDB",
"url": "http://osvdb.org/97767"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA75",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA75"
},
{
"name": "1029088",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029088"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5959",
"datePublished": "2013-09-28T19:00:00",
"dateReserved": "2013-09-28T00:00:00",
"dateUpdated": "2024-08-06T17:29:41.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2033 (GCVE-0-2014-2033)
Vulnerability from cvelistv5 – Published: 2014-03-02 17:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#221620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/221620"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA77"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-02T16:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#221620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/221620"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA77"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#221620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221620"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA77",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA77"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2033",
"datePublished": "2014-03-02T17:00:00",
"dateReserved": "2014-02-19T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5959 (GCVE-0-2013-5959)
Vulnerability from cvelistv5 – Published: 2013-09-28 19:00 – Updated: 2024-08-06 17:29
VLAI?
Summary
Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:41.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54991"
},
{
"name": "97767",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/97767"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA75"
},
{
"name": "1029088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029088"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54991"
},
{
"name": "97767",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/97767"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA75"
},
{
"name": "1029088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029088"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54991"
},
{
"name": "97767",
"refsource": "OSVDB",
"url": "http://osvdb.org/97767"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA75",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA75"
},
{
"name": "1029088",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029088"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5959",
"datePublished": "2013-09-28T19:00:00",
"dateReserved": "2013-09-28T00:00:00",
"dateUpdated": "2024-08-06T17:29:41.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}