High severity7.4NVD Advisory· Published Jan 8, 2016· Updated Jun 17, 2026
CVE-2015-8597
CVE-2015-8597
Description
Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%."
Affected products
4cpe:2.3:a:bluecoat:advanced_secure_gateway:6.6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:bluecoat:advanced_secure_gateway:6.6:*:*:*:*:*:*:*
- (no CPE)range: =6.6
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.