Description
Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password, (2) modify a policy, or (3) restart the device.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://kb.bluecoat.com/index?page=content&id=SA46
Scores
EPSS
0.0129
EPSS Percentile
66.8%
Details
CWE
CWE-352
Status
published
Products (4)
bluecoat/avos
3.1
bluecoat/avos
3.2
bluecoat/avos
< 3.2.6
bluecoat/proxyav
Published
Aug 26, 2012
Tracked Since
Feb 18, 2026