【概要】

• 製品: Blue Coat SSL Visibility Appliance

• Cross-Site Request Forgery (CVE-2015-2852)
• Clickjacking due to improper input validation (CVE-2015-2854)
• Cookie theft (CVE-2015-2855)
• Session fixation.(CVE-2015-2853)

【ニュース】

◆暗号化通信の可視化製品に複数の脆弱性 (Security NEXT, 2015/06/01)
http://www.security-next.com/058912

【公開資料】

◆SSL Visibility Appliance web based vulnerabilities (Blue COAT, 2015/06/01)
https://bto.bluecoat.com/security-advisory/sa96