The web-based Management Console in Blue Coat Security Gateway OS 3.0 up to and including 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows malicious users to steal digital certificates.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
broadcom bluecoat security gateway 3.2.1 |
||
broadcom bluecoat security gateway |