The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates.
References
Link | Resource |
---|---|
http://secunia.com/advisories/11627 | Broken Link Patch Vendor Advisory |
http://www.bluecoat.com/support/knowledge/advisory_private_key_compromise.html | Broken Link Patch Vendor Advisory |
http://www.osvdb.org/6218 | Broken Link |
http://www.securityfocus.com/bid/10371 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16182 | Third Party Advisory VDB Entry |
http://secunia.com/advisories/11627 | Broken Link Patch Vendor Advisory |
http://www.bluecoat.com/support/knowledge/advisory_private_key_compromise.html | Broken Link Patch Vendor Advisory |
http://www.osvdb.org/6218 | Broken Link |
http://www.securityfocus.com/bid/10371 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16182 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:53
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/11627 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.bluecoat.com/support/knowledge/advisory_private_key_compromise.html - Broken Link, Patch, Vendor Advisory | |
References | () http://www.osvdb.org/6218 - Broken Link | |
References | () http://www.securityfocus.com/bid/10371 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16182 - Third Party Advisory, VDB Entry |
13 Feb 2024, 16:17
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:o:bluecoat:security_gateway_os:3.1:*:*:*:*:*:*:* cpe:2.3:o:bluecoat:security_gateway_os:3.2.1:*:*:*:*:*:*:* cpe:2.3:o:bluecoat:security_gateway_os:3.0:*:*:*:*:*:*:* cpe:2.3:o:bluecoat:security_gateway_os:3.1.3.2:*:*:*:*:*:*:* cpe:2.3:o:bluecoat:security_gateway_os:3.1.2:*:*:*:*:*:*:* cpe:2.3:o:bluecoat:security_gateway_os:3.1.3.7:*:*:*:*:*:*:* cpe:2.3:o:bluecoat:security_gateway_os:3.1.3.13:*:*:*:*:*:*:* |
cpe:2.3:o:broadcom:bluecoat_security_gateway:*:*:*:*:*:*:*:* cpe:2.3:o:broadcom:bluecoat_security_gateway:3.2.1:*:*:*:*:*:*:* |
First Time |
Broadcom bluecoat Security Gateway
Broadcom |
|
CWE | CWE-312 | |
References | () http://secunia.com/advisories/11627 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.bluecoat.com/support/knowledge/advisory_private_key_compromise.html - Broken Link, Patch, Vendor Advisory | |
References | () http://www.osvdb.org/6218 - Broken Link | |
References | () http://www.securityfocus.com/bid/10371 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16182 - Third Party Advisory, VDB Entry |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:53
NVD link : CVE-2004-2397
Mitre link : CVE-2004-2397
CVE.ORG link : CVE-2004-2397
JSON object : View
Products Affected
broadcom
- bluecoat_security_gateway
CWE
CWE-312
Cleartext Storage of Sensitive Information