CVE-2014-2565

Published Apr 30, 2014

Last updated 4 months ago

CVSS info 6.5

Overview

Description: The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection."
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 10
Exploitability score: 2.5
Vector string: AV:A/AC:H/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bluecoat:content_analysis_system_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66C66E4D-ACDC-4A87-8D5A-9B6FBABE5C05",
            "versionEndIncluding": "1.1.2.1"
          },
          {
            "criteria": "cpe:2.3:a:bluecoat:content_analysis_system_software:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "372E4BC0-DB27-489F-91E3-8B16B98F667D"
          },
          {
            "criteria": "cpe:2.3:a:bluecoat:content_analysis_system_software:1.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBF41DCF-B4D9-44EC-872E-21AF59BB1083"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:bluecoat:content_analysis_system:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFE049E5-2839-42AF-99AE-E11328A2C729"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References