Search criteria
33 vulnerabilities found for websense_web_security by websense
FKIE_CVE-2009-5132
Vulnerability from fkie_nvd - Published: 2012-08-26 19:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_filter | * | |
| websense | websense_web_filter | 7.0 | |
| websense | websense_web_security | * | |
| websense | websense_web_security | 6.3.0 | |
| websense | websense_web_security | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA71E8E-7DAC-4A8B-A59F-950BDAC3F9D7",
"versionEndIncluding": "6.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62623B7E-541F-48B9-BA4D-07AD28C2C446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E18C4336-09F1-4149-8342-500A4D140FBE",
"versionEndIncluding": "6.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4583F-0A0F-4CD8-BCE5-79D63A00540B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL."
},
{
"lang": "es",
"value": "El servicio de filtrado en Websense Web Security y Web Filter anterior a v6.3.1 Hotfix 106 y v7.x anterior a v7.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (filtering outage) a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2009-5132",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-26T19:55:01.230",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4604
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_security | * | |
| websense | websense_web_security | 6.3.0 | |
| websense | websense_web_security | 6.3.1 | |
| websense | websense_web_security | 6.3.2 | |
| websense | websense_web_security | 6.3.3 | |
| websense | websense_web_security | 7.0 | |
| websense | websense_web_security | 7.1 | |
| websense | websense_web_security | 7.1.1 | |
| websense | websense_web_security | 7.5 | |
| websense | websense_web_security | 7.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34E69380-D772-4D64-84C5-01A386E11484",
"versionEndIncluding": "7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4583F-0A0F-4CD8-BCE5-79D63A00540B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE86A75-E3BB-446E-B342-F07125B0BFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34695378-95E6-4A56-B724-07025B73F493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "73886536-436E-4A38-99F8-BFD378D2B4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E936379-C123-43B7-BFDC-BAEFADF2378F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "161E18C4-3302-4420-8A1C-FB08B043D536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72741B37-B3E8-48B5-956E-FF455642531D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "756CE82D-8583-441F-A9DB-6E0EAB6EDA3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe."
},
{
"lang": "es",
"value": "La consola de gesti\u00f3n de TRITON en Websense Web Security anterior a v7.6 Hotfix 24 permite a atacantes remotos saltarse la autenticaci\u00f3n y leer informes arbitrarios a trav\u00e9s de un campo uid manipulado, en conjunci\u00f3n con un campo userRoles manipulado, en una (cookie), como se demuestra por medio de una solicitud a explorer_wse/favorites.exe."
}
],
"id": "CVE-2012-4604",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:15.047",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/522530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/522530"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5148
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
Websense Web Security and Web Filter before 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_filter | * | |
| websense | websense_web_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53A0539F-BE93-4A7E-88EA-4945427CFA44",
"versionEndIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EA7878-88F6-4A29-8F4E-1164DA81CE6A",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Websense Web Security and Web Filter before 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session."
},
{
"lang": "es",
"value": "Websense Web Security y Web Filter anteriores a v7.1 Hotfix 21 no fija el \"flag\" secure para la cookie de sesi\u00f3n Encrypted Session (SSL) en una sesi\u00f3n https, lo que facilita a atacantes remotos la captura de esta cookie intercept\u00e1ndola cuando se transmite dentro de una sesi\u00f3n http.\r\n"
}
],
"id": "CVE-2010-5148",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.767",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78342"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-5119
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_filter | 7.0 | |
| websense | websense_web_security | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62623B7E-541F-48B9-BA4D-07AD28C2C446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto de Apache Tomcat en Websense Manager en Websense Web Security v7.0 y Web Filter v7.0 permite cifrado d\u00e9bil SSL en conf/server.xml, lo que hace facilita a los atacantes remotos obtener informaci\u00f3n sensible espiando la red y realizando un ataque de fuerza bruta sobre los datos de sesi\u00f3n cifrados."
}
],
"id": "CVE-2009-5119",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.280",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5146
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_security | * | |
| websense | websense_web_security | 6.3.0 | |
| websense | websense_web_security | 6.3.1 | |
| websense | websense_web_security | 6.3.2 | |
| websense | websense_web_security | 6.3.3 | |
| websense | websense_web_security | 7.0 | |
| websense | websense_web_filter | * | |
| websense | websense_web_filter | 6.3.0 | |
| websense | websense_web_filter | 6.3.1 | |
| websense | websense_web_filter | 6.3.2 | |
| websense | websense_web_filter | 6.3.3 | |
| websense | websense_web_filter | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2632CB3C-76D7-492C-B881-90BAB25251C9",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4583F-0A0F-4CD8-BCE5-79D63A00540B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE86A75-E3BB-446E-B342-F07125B0BFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34695378-95E6-4A56-B724-07025B73F493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "73886536-436E-4A38-99F8-BFD378D2B4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B2502B6-13CB-4D6D-9578-E37B7FF00DDC",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B67A75C4-BDD4-4638-B582-A4A151EBBB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "292178C0-87D1-4755-BDDF-ED4398DB0BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B154975F-8703-438A-AD0D-80255C6803FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62331FF7-B859-4B6B-9B36-489B75B16563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62623B7E-541F-48B9-BA4D-07AD28C2C446",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files."
},
{
"lang": "es",
"value": "El componente Remote Filtering en Websense Web Security y Web Filter v7.1 anterior a Hotfix 66 permite a usuarios locales eludir el filtrado por (1) el renombrado de WDC.exe o (2) borrar los ficheros del controlador."
}
],
"id": "CVE-2010-5146",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.623",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-5102
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_filter | * | |
| websense | websense_web_security | 7.1 | |
| websense | websense_web_security | 7.1.1 | |
| websense | websense_web_security | 7.5 | |
| websense | websense_web_security | 7.5.1 | |
| websense | websense_web_security | 7.6 | |
| websense | websense_web_security | 7.6.2 | |
| websense | websense_web_security_gateway | * | |
| websense | websense_web_security_gateway_anywhere | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8C57E4-31F8-4E16-B56A-9E119D418D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E936379-C123-43B7-BFDC-BAEFADF2378F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "161E18C4-3302-4420-8A1C-FB08B043D536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72741B37-B3E8-48B5-956E-FF455642531D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "756CE82D-8583-441F-A9DB-6E0EAB6EDA3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3B942647-F266-44A3-ABD5-89B4D3FB4DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D90E8ED-5986-4DB3-ACE6-48A6C684B080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73267B0B-22A6-492E-B89E-4AFD13A662CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security_gateway_anywhere:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D56C1D61-4AE2-48FD-A7B4-F83153996A89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."
},
{
"lang": "es",
"value": "La interfaz web de informes de investigaci\u00f3n en la consola de gesti\u00f3n TRITON en Websense Web Security v7.1 before Hotfix 109, v7.1.1 before Hotfix 06, v7.5 anterior al parche v78, 7.5.1 anterior al parche v12, 7.6 anterior al parche v24, y v7.6.2 anterior al parche v12; Web Filter; Web Security Gateway; y Web Security Gateway Anywhere permite a atacantes remotos ejecutar comandos a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2011-5102",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.873",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5147
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_security | * | |
| websense | websense_web_security | 6.3.0 | |
| websense | websense_web_security | 6.3.1 | |
| websense | websense_web_security | 6.3.2 | |
| websense | websense_web_security | 7.0 | |
| websense | websense_web_security | 7.1 | |
| websense | websense_web_filter | * | |
| websense | websense_web_filter | 6.3.0 | |
| websense | websense_web_filter | 6.3.1 | |
| websense | websense_web_filter | 6.3.2 | |
| websense | websense_web_filter | 7.0 | |
| websense | websense_web_filter | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BBD4B6-7512-4564-871B-C4416DC17CB1",
"versionEndIncluding": "6.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4583F-0A0F-4CD8-BCE5-79D63A00540B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE86A75-E3BB-446E-B342-F07125B0BFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34695378-95E6-4A56-B724-07025B73F493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E936379-C123-43B7-BFDC-BAEFADF2378F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C54DEE82-2192-4C7B-A0B5-80D3710AFCAB",
"versionEndIncluding": "6.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B67A75C4-BDD4-4638-B582-A4A151EBBB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "292178C0-87D1-4755-BDDF-ED4398DB0BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B154975F-8703-438A-AD0D-80255C6803FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62623B7E-541F-48B9-BA4D-07AD28C2C446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02E4E0B2-3D43-444C-975D-1C652B805467",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic."
},
{
"lang": "es",
"value": "El componente Remote Filtering en Websense Web Security y Web Filter v6.3.3 anterior a Hotfix 18 y v7.x anterior a v7.1.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (salida del demonio) a trav\u00e9s de un gran volumen de tr\u00e1fico."
}
],
"id": "CVE-2010-5147",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.670",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-5120
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_filter | 7.0 | |
| websense | websense_web_security | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62623B7E-541F-48B9-BA4D-07AD28C2C446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto de Apache Tomcat en Websense Manager en Websense Web Security v7.0 y Web Filter v7.0 permite conexiones con el puerto TCP 1812 de cualquier direcci\u00f3n IP de origen, lo que facilita a los atacantes remotos realizar ataques cross-site scripting (XSS) a trav\u00e9s de texto UTF-7 a la p\u00e1gina de error 404 de un servicio Proyect Woodstock en este puerto."
}
],
"id": "CVE-2009-5120",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-08-23T10:32:14.343",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5144
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense | * | |
| websense | websense | 6.3.0 | |
| websense | websense | 6.3.1 | |
| websense | websense_web_security | 6.3.0 | |
| websense | websense_web_security | 6.3.1 | |
| websense | websense_web_security | 6.3.3 | |
| websense | websense_web_filter | * | |
| websense | websense_web_filter | 6.3.0 | |
| websense | websense_web_filter | 6.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense:*:-:enterprise:*:*:*:*:*",
"matchCriteriaId": "C44054E8-5FA5-4210-924E-EB18F942B09F",
"versionEndIncluding": "6.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense:6.3.0:-:enterprise:*:*:*:*:*",
"matchCriteriaId": "F204D7A6-92C9-4142-BDFC-FA3682C9A775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense:6.3.1:-:enterprise:*:*:*:*:*",
"matchCriteriaId": "F9F0A883-DE96-47D7-BBBA-AAA94396B80E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4583F-0A0F-4CD8-BCE5-79D63A00540B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE86A75-E3BB-446E-B342-F07125B0BFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "73886536-436E-4A38-99F8-BFD378D2B4B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C54DEE82-2192-4C7B-A0B5-80D3710AFCAB",
"versionEndIncluding": "6.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B67A75C4-BDD4-4638-B582-A4A151EBBB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "292178C0-87D1-4755-BDDF-ED4398DB0BF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header."
},
{
"lang": "es",
"value": "El complemento ISAPI Filter de Websense Enterprise, Websense Web Security y Websense Web Filter v6.3.3 y versiones anteriores, cuando se utiliza junto a Microsoft ISA o con el servidor Microsoft Forefront TMG, permite a atacantes remotos evitar la filtraci\u00f3n establecida y monitorizar actividades para el tr\u00e1fico web a trav\u00e9s de la cabecera HTTP."
}
],
"id": "CVE-2010-5144",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.530",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5145
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_filter | * | |
| websense | websense_web_filter | 7.0 | |
| websense | websense_web_filter | 7.1 | |
| websense | websense_web_security | * | |
| websense | websense_web_security | 7.0 | |
| websense | websense_web_security | 7.1 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D595E43-DD66-4CCF-AB23-7DBCF6BA75ED",
"versionEndIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62623B7E-541F-48B9-BA4D-07AD28C2C446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02E4E0B2-3D43-444C-975D-1C652B805467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E917259-CB81-47BB-87C0-380710BD1315",
"versionEndIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E936379-C123-43B7-BFDC-BAEFADF2378F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI."
},
{
"lang": "es",
"value": "El Servicio de Filtrado de Websense Web Security y Web Filter v6.3.1 anterior a Hotfix 136 y v7.x en Windows anterior a v7.1.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corte del filtrado) a trav\u00e9s de una secuencia manipulada de los caracteres de una URI."
}
],
"id": "CVE-2010-5145",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5149
Vulnerability from fkie_nvd - Published: 2012-08-23 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| websense | websense_web_security | * | |
| websense | websense_web_security | 6.3.0 | |
| websense | websense_web_security | 6.3.1 | |
| websense | websense_web_security | 6.3.2 | |
| websense | websense_web_security | 7.0 | |
| websense | websense_web_security | 7.1 | |
| websense | websense_web_filter | * | |
| websense | websense_web_filter | 6.3.0 | |
| websense | websense_web_filter | 6.3.1 | |
| websense | websense_web_filter | 6.3.2 | |
| websense | websense_web_filter | 7.0 | |
| websense | websense_web_filter | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BBD4B6-7512-4564-871B-C4416DC17CB1",
"versionEndIncluding": "6.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4583F-0A0F-4CD8-BCE5-79D63A00540B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE86A75-E3BB-446E-B342-F07125B0BFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34695378-95E6-4A56-B724-07025B73F493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "885485B8-D5F5-4094-8CDC-008F377CA492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_security:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E936379-C123-43B7-BFDC-BAEFADF2378F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C54DEE82-2192-4C7B-A0B5-80D3710AFCAB",
"versionEndIncluding": "6.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B67A75C4-BDD4-4638-B582-A4A151EBBB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "292178C0-87D1-4755-BDDF-ED4398DB0BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B154975F-8703-438A-AD0D-80255C6803FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62623B7E-541F-48B9-BA4D-07AD28C2C446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:websense:websense_web_filter:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02E4E0B2-3D43-444C-975D-1C652B805467",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL."
},
{
"lang": "es",
"value": "Websense Web Security y Web Filter anterior a v6.3.3 Hotfix 27 y v7.x anterior a v7.1.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (Blue Coat appliance integration outage) a trav\u00e9s de una URL larga."
}
],
"id": "CVE-2010-5149",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-23T10:32:14.813",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2009-5132 (GCVE-0-2009-5132)
Vulnerability from cvelistv5 – Published: 2012-08-26 19:00 – Updated: 2024-08-07 07:32
VLAI?
Summary
The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"name": "websense-filtering-service-dos(78570)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"name": "websense-filtering-service-dos(78570)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"name": "websense-filtering-service-dos(78570)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5132",
"datePublished": "2012-08-26T19:00:00",
"dateReserved": "2012-08-26T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5149 (GCVE-0-2010-5149)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-08-07 04:09
VLAI?
Summary
Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-url-dos(78341)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-url-dos(78341)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5149",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-url-dos(78341)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5149",
"datePublished": "2012-08-23T10:00:00",
"dateReserved": "2012-08-23T00:00:00",
"dateUpdated": "2024-08-07T04:09:39.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5146 (GCVE-0-2010-5146)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-08-07 04:09
VLAI?
Summary
The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-security-bypass(78344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-security-bypass(78344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-security-bypass(78344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5146",
"datePublished": "2012-08-23T10:00:00",
"dateReserved": "2012-08-23T00:00:00",
"dateUpdated": "2024-08-07T04:09:39.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5147 (GCVE-0-2010-5147)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-09-16 16:12
VLAI?
Summary
The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:38.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5147",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T16:12:40.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5119 (GCVE-0-2009-5119)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-09-16 18:19
VLAI?
Summary
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5119",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T18:19:16.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-5102 (GCVE-0-2011-5102)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-09-16 22:20
VLAI?
Summary
The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:40.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5102",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T22:20:37.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4604 (GCVE-0-2012-4604)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-09-16 20:47
VLAI?
Summary
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120430 NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120430 NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120430 NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4604",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T20:47:54.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5145 (GCVE-0-2010-5145)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-08-07 04:09
VLAI?
Summary
The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-dos(78345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-dos(78345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-dos(78345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5145",
"datePublished": "2012-08-23T10:00:00",
"dateReserved": "2012-08-23T00:00:00",
"dateUpdated": "2024-08-07T04:09:39.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5144 (GCVE-0-2010-5144)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-09-16 20:12
VLAI?
Summary
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100529 Websense Enterprise 6.3.3 Policy Bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20100529 Websense Enterprise 6.3.3 Policy Bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100529 Websense Enterprise 6.3.3 Policy Bypass",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"name": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
},
{
"name": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html",
"refsource": "MISC",
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5144",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T20:12:44.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5120 (GCVE-0-2009-5120)
Vulnerability from cvelistv5 – Published: 2012-08-23 10:00 – Updated: 2024-09-16 18:39
VLAI?
Summary
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5120",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T18:39:06.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5132 (GCVE-0-2009-5132)
Vulnerability from nvd – Published: 2012-08-26 19:00 – Updated: 2024-08-07 07:32
VLAI?
Summary
The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"name": "websense-filtering-service-dos(78570)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"name": "websense-filtering-service-dos(78570)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v71/wws_pdfs/ws_releasenotes.pdf"
},
{
"name": "websense-filtering-service-dos(78570)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78570"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5132",
"datePublished": "2012-08-26T19:00:00",
"dateReserved": "2012-08-26T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5149 (GCVE-0-2010-5149)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-08-07 04:09
VLAI?
Summary
Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-url-dos(78341)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-url-dos(78341)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5149",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-url-dos(78341)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5149",
"datePublished": "2012-08-23T10:00:00",
"dateReserved": "2012-08-23T00:00:00",
"dateUpdated": "2024-08-07T04:09:39.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5146 (GCVE-0-2010-5146)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-08-07 04:09
VLAI?
Summary
The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-security-bypass(78344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-security-bypass(78344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-security-bypass(78344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5146",
"datePublished": "2012-08-23T10:00:00",
"dateReserved": "2012-08-23T00:00:00",
"dateUpdated": "2024-08-07T04:09:39.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5147 (GCVE-0-2010-5147)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-09-16 16:12
VLAI?
Summary
The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:38.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5147",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T16:12:40.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5119 (GCVE-0-2009-5119)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-09-16 18:19
VLAI?
Summary
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5119",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T18:19:16.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-5102 (GCVE-0-2011-5102)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-09-16 22:20
VLAI?
Summary
The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:40.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5102",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T22:20:37.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4604 (GCVE-0-2012-4604)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-09-16 20:47
VLAI?
Summary
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120430 NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120430 NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120430 NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4604",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T20:47:54.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5145 (GCVE-0-2010-5145)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-08-07 04:09
VLAI?
Summary
The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-dos(78345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-dos(78345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx"
},
{
"name": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf",
"refsource": "CONFIRM",
"url": "http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf"
},
{
"name": "websense-filtering-dos(78345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78345"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5145",
"datePublished": "2012-08-23T10:00:00",
"dateReserved": "2012-08-23T00:00:00",
"dateUpdated": "2024-08-07T04:09:39.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5144 (GCVE-0-2010-5144)
Vulnerability from nvd – Published: 2012-08-23 10:00 – Updated: 2024-09-16 20:12
VLAI?
Summary
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100529 Websense Enterprise 6.3.3 Policy Bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-23T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20100529 Websense Enterprise 6.3.3 Policy Bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100529 Websense Enterprise 6.3.3 Policy Bypass",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html"
},
{
"name": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations"
},
{
"name": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html",
"refsource": "MISC",
"url": "http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5144",
"datePublished": "2012-08-23T10:00:00Z",
"dateReserved": "2012-08-23T00:00:00Z",
"dateUpdated": "2024-09-16T20:12:44.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}