Blue Coat Malware Analysis Appliance up to 4.2.4 search.php information disclosure
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.2 | $0-$5k | 0.00 |
Summary
A vulnerability has been found in Blue Coat Malware Analysis Appliance up to 4.2.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2015-0938. No exploit exists. The affected component should be upgraded.
Details
A vulnerability was found in Blue Coat Malware Analysis Appliance up to 4.2.4 (Anti-Malware Software). It has been rated as critical. This issue affects an unknown part of the file search.php. The manipulation with an unknown input leads to a information disclosure vulnerability. Using CWE to declare the problem leads to CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Impacted is confidentiality, and integrity. The summary by CVE is:
search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to bypass intended access restrictions, and list or read arbitrary documents, by providing matching keywords in conjunction with a crafted parameter.
The weakness was disclosed 04/17/2015 (Website). It is possible to read the advisory at kb.cert.org. The identification of this vulnerability is CVE-2015-0938 since 01/10/2015. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1592 according to MITRE ATT&CK.
By approaching the search of inurl:search.php it is possible to find vulnerable targets with Google Hacking.
Upgrading to version 4.2.4.20150312-RELEASE eliminates this vulnerability.
The entry VDB-74986 is pretty similar. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.5VulDB Meta Temp Score: 6.2
VulDB Base Score: 6.5
VulDB Temp Score: 6.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Information disclosureCWE: CWE-200 / CWE-284 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Upgrade: Malware Analysis Appliance 4.2.4.20150312-RELEASE
Timeline
01/10/2015 🔍04/16/2015 🔍
04/17/2015 🔍
04/17/2015 🔍
11/04/2024 🔍
Sources
Advisory: kb.cert.orgStatus: Confirmed
Confirmation: 🔍
CVE: CVE-2015-0938 (🔍)
GCVE (CVE): GCVE-0-2015-0938
GCVE (VulDB): GCVE-100-74987
CERT: 🔍
See also: 🔍
Entry
Created: 04/17/2015 10:25Updated: 11/04/2024 08:06
Changes: 04/17/2015 10:25 (43), 09/04/2017 09:22 (8), 11/04/2024 08:06 (19)
Complete: 🔍
Cache ID: 216:818:103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.