RCE in Bluecoat Content_analysis_system

CVE-2014-2565

The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection."

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.006 (68.8th percentile) — read the EPSS interpretation.

Affected products

Bluecoat Content_analysis_system
Bluecoat Content_analysis_system_software — versions 1.1, 1.1.1.1
N/a — versions n/a

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)