CVE-2015-0938

Blue Coat Malware Analysis Appliance < 4.2.3.20150129 - Unauthenticated Arbitrary File Read via search.php

Title source: llm
STIX 2.1

Description

search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to bypass intended access restrictions, and list or read arbitrary documents, by providing matching keywords in conjunction with a crafted parameter.

References (2)

Core 2
Core References
Various Sources x_refsource_confirm
https://bto.bluecoat.com/security-advisory/sa94
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/274244

Scores

EPSS 0.0146
EPSS Percentile 70.5%

Details

CWE
CWE-200
Status published
Products (1)
blue_coat/malware_analysis_appliance < 4.2.3.20150129
Published Apr 17, 2015
Tracked Since Feb 18, 2026