5.8

CVE-2009-1211

EPSS 0.19%
Published 01.04.2009 10:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Bluecoat ≫ Proxysg Va-10

Bluecoat ≫ Proxysg Va-15

Bluecoat ≫ Proxysg Va-20

Bluecoat ≫ Proxysg Va-5

Bluecoat ≫ Proxysg

Bluecoat ≫ Proxysg Sg210-10 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg210-10 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg210-25 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg210-25 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg210-5 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg210-5 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg510-10 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg510-10 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg510-20 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg510-20 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg510-25 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg510-25 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg510-5 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg810-10 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg810-10 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg810-20 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg810-20 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg810-25 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg810-25 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg810-5 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg9000-10 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg9000-10 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg9000-20 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg9000-20 Version- Update- Editionfull_proxy

Bluecoat ≫ Proxysg Sg9000-5 Version- Update- Editionacceleration

Bluecoat ≫ Proxysg Sg9000-5 Version- Update- Editionfull_proxy

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.371

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:N/I:P/A:P

http://www.securitytracker.com/id?1021781

https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2009-1211

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1211

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1211

EUVD