CVE-2015-4523

Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute arbitrary code via vectors related to saving files during analysis.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 CRITICAL
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
VendorProductVersion
symantecmalware_analysis_appliance
𝑥
≤ 4.2
symantecmalware_analyzer_g2
𝑥
≤ 3.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bto.bluecoat.com/security-advisory/sa97
https://bto.bluecoat.com/security-advisory/sa97