VYPR
High severity7.4NVD Advisory· Published Jan 8, 2016· Updated Jun 17, 2026

CVE-2015-8597

CVE-2015-8597

Description

Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%."

Affected products

4
  • cpe:2.3:a:bluecoat:advanced_secure_gateway:6.6:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:bluecoat:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
    • (no CPE)range: =6.6
  • Bluecoat/Proxysg2 versions
    cpe:2.3:a:bluecoat:proxysg:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:bluecoat:proxysg:*:*:*:*:*:*:*:*range: <=6.5.8.7
    • (no CPE)range: 6.5 < 6.5.8.8, 6.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.