October 22, 2010 - ProxyAV Cross Site Request Forgery vulnerability
High, CVSS v2 base score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
There are no CVEs for the vulnerability.
A remote attacker can use URL links and/or malicious scripts to execute ProxyAV commands if the administrator has an active session in the ProxyAV management console.
All ProxyAV products prior to 18.104.22.168 are vulnerable.
An attacker who lures a ProxyAV administrator to browse a malicious website can use Cross Site Request Forgery (CSRF or XSRF) to submit commands to ProxyAV and gain control of the appliance. Commands that the attacker can submit include changing the password, changing the policy, and restarting the appliance.
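The attack above works because the browser attaches the administrator's session cookie to any request aimed at the console, whether it was initiated by the console's own forms or by a link or script on an unrelated site. The following is an added illustration (not Blue Coat's or ProxyAV's code) of the server-side checks a management console can apply to state-changing commands so that such requests are refused: state changes only over POST, a same-origin check on the `Origin`/`Referer` header, and a per-session token that a third-party site cannot read. The hostname, endpoint paths and request data are constructed for the demonstration.

```python
"""Added example (not Blue Coat's ProxyAV code): server-side CSRF checks
for a management console's state-changing endpoints.  All names, paths and
request data are constructed for the demonstration."""
import hmac
import secrets
from urllib.parse import urlsplit

# Hypothetical console hostname; a real deployment would take this from config.
CONSOLE_HOST = "proxyav.example.internal"

# Hypothetical state-changing endpoints, named after the commands the advisory
# lists (password change, policy change, restart).
STATE_CHANGING_PATHS = {"/admin/password", "/admin/policy", "/admin/restart"}


def issue_csrf_token(session):
    """Bind a fresh unguessable token to the admin session and return it.
    The console embeds it in its own forms; a page on another site cannot read it."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def request_is_same_origin(headers):
    """True only if the browser reports the request as initiated from the console itself.
    Browsers send Origin on cross-site POSTs, so a missing header is treated as untrusted."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    parts = urlsplit(source)
    return parts.scheme == "https" and parts.netloc == CONSOLE_HOST


def authorize_command(session, method, path, headers, form):
    """Decide whether a request may execute a state-changing console command.
    Returns (allowed, reason)."""
    if path not in STATE_CHANGING_PATHS:
        return True, "not a state-changing endpoint"
    if session is None:
        return False, "no authenticated admin session"
    # A bare URL (GET) must never change state: a link or <img> on any page could trigger it.
    if method != "POST":
        return False, "state change attempted via %s" % method
    if not request_is_same_origin(headers):
        return False, "cross-site request origin"
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected, supplied):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def run_scenarios():
    """Exercise the check against constructed requests; returns {name: (allowed, reason)}."""
    admin_session = {"user": "admin"}  # constructed: the admin's live console login
    token = issue_csrf_token(admin_session)
    results = {}
    # 1. Legitimate submit from the console's own form: same origin, token present.
    results["legitimate"] = authorize_command(
        admin_session, "POST", "/admin/password",
        {"Origin": "https://" + CONSOLE_HOST}, {"csrf_token": token, "new_password": "x"})
    # 2. A plain URL the admin is lured into following: the cookie rides along,
    #    but GET is refused for state changes.
    results["forged_link"] = authorize_command(
        admin_session, "GET", "/admin/restart",
        {"Referer": "https://other-site.example/page"}, {})
    # 3. An auto-submitting form on another site: Origin names that site and the
    #    token is not available to it.
    results["forged_post"] = authorize_command(
        admin_session, "POST", "/admin/policy",
        {"Origin": "https://other-site.example"}, {"policy": "allow-all"})
    # 4. Correct origin but no token (e.g. a stale or hand-built form).
    results["missing_token"] = authorize_command(
        admin_session, "POST", "/admin/policy",
        {"Origin": "https://" + CONSOLE_HOST}, {"policy": "allow-all"})
    return results


if __name__ == "__main__":
    for name, (allowed, reason) in run_scenarios().items():
        print("%-14s %s (%s)" % (name, "ALLOWED" if allowed else "DENIED", reason))
```

The origin check and the token check are deliberately independent: the token alone defends even if a browser omits `Origin`, and the origin check alone still blocks cross-site submissions if a token is ever leaked into a page the attacker can read. Refusing GET for state changes removes the simplest vector the advisory mentions, a plain URL link.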
ProxyAV has implemented the following measures to provide better protection from CSRF attacks:
Customers can limit the impact of this vulnerability in these ways:
ProxyAV 3.2 - a fix is available in 22.214.171.124 or later versions. The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/4.
ProxyAV 3.1 and earlier - please upgrade to a later version.
2012-01-12 Minor edit that later versions contain the fix as well.
2012-01-11 Added URL for download.
2011-09-06 Marked status as final. No further fixes will be released.
2010-10-22 Initial public release