Short Name | HTTP:MISC:BLUECOAT-ADMIN |
---|---|
Severity | Warning |
Recommended | No |
Category | HTTP |
Keywords | Blue Coat Administrator Account Escalation |
Release Date | 2005/12/06 |
Update Number | 1213 |
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects attempts to exploit a known vulnerability in the Blue Coat proxy appliance. Blue Coat Reporter 7.1.1.1 and earlier can be vulnerable. Attackers can create a malicious administrative account by crafting an HTTP request, which might allow them to gain control of the affected system with elevated privileges.

Blue Coat Reporter is prone to a remote privilege escalation vulnerability. The issue is due to the application's failure to properly authenticate a user before permitting access to administrator functions. A remote authenticated user can manipulate the form for adding new users and create a new user with administrator access. The vendor has addressed this issue in the upcoming version 7.1.2 of the application.