Vigil@nce - Blue Coat ProxySG: delay in account disabling
March 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker whose account was recently disabled can still
authenticate on Blue Coat ProxySG, in order to access the
Management Console.
Impacted products: ProxySG
Severity: 2/4
Creation date: 24/02/2014
DESCRIPTION OF THE VULNERABILITY
The Blue Coat ProxySG product can use local or non-local
(LDAP, SAML, etc.) authentication.
Local authentication uses a 15-minute cache. However, if a
local account is disabled, this user can still log in with his
password for 15 minutes.
An attacker whose account was recently disabled can therefore
still authenticate on Blue Coat ProxySG, in order to access the
Management Console.
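The behaviour described above, modelled as an added example (this is not Blue Coat code; the class, method and account names are hypothetical and the cache internals are an assumption). A cache of successful logins with a 15-minute lifetime keeps accepting a disabled account until the entry expires, while evicting the user's entries at disable time closes the window.

```python
import hmac

CACHE_TTL = 15 * 60  # seconds; the 15-minute cache from the bulletin


class LocalAuth:
    """Toy model of local authentication with a cache of successful logins."""

    def __init__(self, evict_on_disable):
        self.evict_on_disable = evict_on_disable
        self.accounts = {}  # user -> {"password": str, "enabled": bool}
        self.cache = {}     # (user, password) -> expiry time in seconds

    def add_account(self, user, password):
        self.accounts[user] = {"password": password, "enabled": True}

    def disable(self, user):
        self.accounts[user]["enabled"] = False
        if self.evict_on_disable:
            # Hardened form: drop every cached success for this user.
            self.cache = {k: v for k, v in self.cache.items() if k[0] != user}

    def login(self, user, password, now):
        expiry = self.cache.get((user, password))
        if expiry is not None and now < expiry:
            return True  # cache hit: the account state is never consulted
        self.cache.pop((user, password), None)
        acct = self.accounts.get(user)
        ok = bool(acct and acct["enabled"]
                  and hmac.compare_digest(acct["password"], password))
        if ok:
            self.cache[(user, password)] = now + CACHE_TTL
        return ok


def stale_window(evict_on_disable, step=60):
    """Seconds after disabling during which the old password still works."""
    auth = LocalAuth(evict_on_disable)
    auth.add_account("admin2", "constructed-password")  # constructed sample
    auth.login("admin2", "constructed-password", now=0)  # fills the cache
    auth.disable("admin2")                               # disabled at t = 0
    t = 0
    while auth.login("admin2", "constructed-password", now=t):
        t += step
    return t
```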
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Blue-Coat-ProxySG-delay-in-account-disabling-14301