Unrated severityNVD Advisory· Published Feb 2, 2015· Updated May 6, 2026

CVE-2015-1454

Description

Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate.

Affected products

Bluecoat/Proxyclient
cpe:2.3:a:bluecoat:proxyclient:*:*:*:*:*:*:*:*
Range: >=3.3,<3.3.3.3
Bluecoat/Unified Agent
cpe:2.3:a:bluecoat:unified_agent:*:*:*:*:*:*:*:*
Range: <=4.1.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/62617nvdThird Party Advisory
bto.bluecoat.com/security-advisory/sa89nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000