search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to bypass intended access restrictions, and list or read arbitrary documents, by providing matching keywords in conjunction with a crafted parameter.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/274244 | US Government Resource Third Party Advisory |
https://bto.bluecoat.com/security-advisory/sa94 |
Configurations
Information
Published : 2015-04-16 18:59
Updated : 2016-12-07 19:07
NVD link : CVE-2015-0938
Mitre link : CVE-2015-0938
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
blue_coat
- malware_analysis_appliance