Unrated severityNVD Advisory· Published Dec 7, 2015· Updated Jun 17, 2026
CVE-2015-4334
CVE-2015-4334
Description
The default configuration of SGOS in Blue Coat ProxySG before 6.2.16.5, 6.5 before 6.5.7.1, and 6.6 before 6.6.2.1 forwards authentication challenges from upstream origin content servers (OCS) when used in an explicit proxy deployment, which makes it easier for remote attackers to obtain sensitive information via a 407 (aka Proxy Authentication Required) HTTP status code, as demonstrated when using NTLM authentication.
Affected products
2Patches
Vulnerability mechanics
References
3- www.securitytracker.com/id/1032149nvdThird Party AdvisoryVDB Entry
- bto.bluecoat.com/security-advisory/sa93nvdVendor Advisory
- twitter.com/bugch3ck/status/591492380294979585nvdThird Party Advisory
News mentions
0No linked articles in our index yet.