Blue Coat ProxySG Core File Information Disclosure

medium Nessus Plugin ID 68993

Synopsis

The remote device is potentially affected by an information disclosure vulnerability.

Description

The remote Blue Coat ProxySG device's SGOS self-reported version is 6.1.x earlier than 6.1.5.1 or 6.2.x earlier than 6.2.2.1. It is, therefore, potentially affected by an information disclosure vulnerability.

Exported core files are unencrypted, contain sensitive information and could be used to aid in further attacks.

Solution

Upgrade to version 6.1.5.1 / 6.2.2.1 or later and delete existing, unneeded core files.

See Also

http://web.archive.org/web/20111212151345/https://kb.bluecoat.com/index?page=content&id=SA56

Plugin Details

Severity: Medium

ID: 68993

File Name: bluecoat_proxy_sg_6_2.2.1.nasl

Version: 1.6

Type: local

Family: Firewalls

Published: 7/22/2013

Updated: 11/27/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2011-5126

Vulnerability Information

CPE: cpe:/o:bluecoat:sgos

Required KB Items: Host/BlueCoat/ProxySG/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 6/16/2011

Vulnerability Publication Date: 6/16/2011

Reference Information

CVE: CVE-2011-5126

BID: 48336