Initial Publication Date: 10 Jul 2015
Advisory Status: Closed
Advisory Severity: Medium
CVSS Base Score: CVSS v2: 6.4
Legacy ID: SA101
Blue Coat products using affected versions of OpenSSL 1.0.2 and 1.0.1 are vulnerable to certificate forgery. A remote attacker may exploit this vulnerability to act as a CA using a valid leaf certificate and then issue falsified certificates that appear to be valid. At this time, no products have been identified as vulnerable. Blue Coat is actively assessing the remaining products.
At this time, no products have been found vulnerable to CVE-2015-1793.
Additional Product Information
Blue Coat products that use a native installation of OpenSSL but do not install or maintain that implementation are not vulnerable to any of these CVEs. However, the underlying platform or application that installs and maintains OpenSSL may be vulnerable. Blue Coat urges our customers to update the versions of OpenSSL that are natively installed for Reporter on Linux, Unified Agent on Linux, ProxyClient, and the Blue Coat HSM Agent on the SafeNet Luna SP.
The following products are not vulnerable:
Advanced Secure Gateway
Android Mobile Agent
Blue Coat HSM Agent for the Luna SP
Cloud Data Protection for Salesforce
Cloud Data Protection for Salesforce Analytics
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection for Oracle Field Service Cloud
Cloud Data Protection for Oracle Sales Cloud
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server
Cloud Data Protection Policy Builder
Content Analysis System
General Auth Connector Login Application (aclogon.exe)
Intelligence Center Data Collector
Mail Threat Defense
Malware Analysis Appliance
Malware Analyzer G2
Norman Shark Industrial Control System Protection
Norman Shark Network Protection
Norman Shark SCADA Protection
ProxyAV ConLog and ConLogXP
Security Analytics Platform
Blue Coat no longer provides vulnerability information for the following products:
Please contact Digital Guardian technical support regarding vulnerability information for DLP.
A vulnerability was announced by OpenSSL in OpenSSL Security Advisory 9-Jul-2015. Blue Coat products that include a vulnerable version of OpenSSL and make use of the affected functionality are vulnerable. At this time, no products have been identified as vulnerable. Blue Coat is actively investigating the remaining products.
CVE-2015-1793 is a flaw in certificate verification that allows an attacker to bypass certain checks and present a certificate that, under normal conditions, would not be accepted. This flaw is exercised only when OpenSSL attempts to find an alternate certificate chain to validate the certificate. One check that is bypassed in this situation is the flag in the certificate that indicates that the certificate is for a Certificate Authority (CA). An attacker can exploit this flaw by using a valid leaf certificate signed by a trusted CA to act as a CA and sign invalid certificates. These certificates will be accepted as valid by the vulnerable versions of OpenSSL. Blue Coat products that use affected versions of OpenSSL and that validate certificates (either as a client or as a server) are vulnerable.
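The CA-flag check that the paragraph above describes as bypassed, written out as an added example that is not Blue Coat or OpenSSL code; it also goes one step further and enforces the path-length limit from the same extension. Certificates are modeled as constructed records rather than parsed X.509, and the `Cert` class, `chain_problems` function and all certificate names are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Cert:
    """Constructed stand-in holding only the X.509 fields this check reads."""
    subject: str
    issuer: str
    is_ca: bool = False              # basicConstraints cA flag
    path_len: Optional[int] = None   # basicConstraints pathLenConstraint


def chain_problems(chain: List[Cert]) -> List[str]:
    """chain[0] is the end-entity certificate, chain[-1] the trust anchor.
    Returns one finding per violated rule; an empty list means all passed."""
    problems = []
    for j in range(1, len(chain)):
        child, issuer = chain[j - 1], chain[j]
        if child.issuer != issuer.subject:
            problems.append(f"{child.subject}: issuer is not {issuer.subject}")
        # The rule the advisory says is skipped: every issuer must be a CA.
        if not issuer.is_ca:
            problems.append(f"{issuer.subject}: issued {child.subject} but is not a CA")
        # Non-self-issued certificates sitting between this issuer and the end entity.
        below = sum(1 for c in chain[1:j] if c.subject != c.issuer)
        if issuer.path_len is not None and below > issuer.path_len:
            problems.append(f"{issuer.subject}: path length {below} exceeds {issuer.path_len}")
    return problems


# Constructed sample chains (hypothetical names).
ROOT = Cert("Example Root", "Example Root", is_ca=True)
ISSUING = Cert("Example Issuing CA", "Example Root", is_ca=True, path_len=0)
LEAF = Cert("leaf.example.test", "Example Issuing CA")
GOOD = [LEAF, ISSUING, ROOT]
# A certificate issued by the leaf, the situation the advisory describes.
FORGED = [Cert("victim.example.test", "leaf.example.test"), LEAF, ISSUING, ROOT]

if __name__ == "__main__":
    for name, chain in (("good", GOOD), ("forged", FORGED)):
        print(name, chain_problems(chain) or "ok")
```

A verifier that applies these rules to every certificate in the chain it finally selects, including a chain found on a second attempt, rejects the forged chain on both counts.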
2017-02-15 Vulnerability inquiries for DLP should be addressed to Digital Guardian technical support. SA status moved to Final.
2016-11-17 Cloud Data Protection for Oracle Field Service Cloud is not vulnerable.
2016-05-25 Reporter 9.5 and 10.1 are not vulnerable.
2016-05-11 No Cloud Data Protection products are vulnerable.
2016-05-03 Advanced Secure Gateway and PolicyCenter S-Series are not vulnerable.
2016-04-23 Mail Threat Defense is not vulnerable.
2015-07-13 updated identifier from 101 to SA101; Reporter for Windows is not vulnerable
2015-07-10 removed PolicyCenter S-Series as it is not shipping yet
2015-07-10 initial public release