|Number of vulnerabilities||1|
|CVE ID|| CVE-2016-9097
|CWE ID|| CWE-284
|Public exploit||Not available|
|Vulnerable software versions||
ProxySG 6.5.3 6
ProxySG 6.5.3 5
|Vendor URL||Blue Coat Systems|
The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The weakness exists due to access control flaw in the web interface. A remote read-only administrative attacker can gain write privileges to modify the appliance settings and policy configuration and perform arbitrary management tasks via the management console.
The vulnerability is addressed in the following versions: 184.108.40.206, 220.127.116.11, 18.104.22.168.