VAR-201208-0647
Vulnerability from variot - Updated: 2023-12-18 12:45The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors. A remote attacker could exploit this vulnerability to execute arbitrary commands through an unknown vector
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0647",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web security",
"scope": "eq",
"trust": 1.9,
"vendor": "websense",
"version": "7.6.2"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.9,
"vendor": "websense",
"version": "7.5.1"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.9,
"vendor": "websense",
"version": "7.1.1"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.9,
"vendor": "websense",
"version": "7.6"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.9,
"vendor": "websense",
"version": "7.5"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.9,
"vendor": "websense",
"version": "7.1"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "websense",
"version": "*"
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 1.0,
"vendor": "websense",
"version": "*"
},
{
"model": "web filter",
"scope": "eq",
"trust": 1.0,
"vendor": "websense",
"version": "*"
},
{
"model": "websense web security gateway anywhere",
"scope": null,
"trust": 0.8,
"vendor": "web sense",
"version": null
},
{
"model": "websense web security",
"scope": "lt",
"trust": 0.8,
"vendor": "web sense",
"version": "7.5.1"
},
{
"model": "websense web security gateway",
"scope": null,
"trust": 0.8,
"vendor": "web sense",
"version": null
},
{
"model": "websense web security",
"scope": "eq",
"trust": 0.8,
"vendor": "web sense",
"version": "7.1.1 hotfix 06"
},
{
"model": "websense web security",
"scope": "eq",
"trust": 0.8,
"vendor": "web sense",
"version": "7.1 hotfix 109"
},
{
"model": "websense web security",
"scope": "lt",
"trust": 0.8,
"vendor": "web sense",
"version": "7.1"
},
{
"model": "websense web security",
"scope": "eq",
"trust": 0.8,
"vendor": "web sense",
"version": "7.5 hotfix 78"
},
{
"model": "websense web security",
"scope": "lt",
"trust": 0.8,
"vendor": "web sense",
"version": "7.6"
},
{
"model": "websense web security",
"scope": "eq",
"trust": 0.8,
"vendor": "web sense",
"version": "7.6 hotfix 24"
},
{
"model": "websense web security",
"scope": "lt",
"trust": 0.8,
"vendor": "web sense",
"version": "7.6.2"
},
{
"model": "websense web security",
"scope": "lt",
"trust": 0.8,
"vendor": "web sense",
"version": "7.5"
},
{
"model": "websense web security",
"scope": "lt",
"trust": 0.8,
"vendor": "web sense",
"version": "7.1.1"
},
{
"model": "websense web filter",
"scope": null,
"trust": 0.8,
"vendor": "web sense",
"version": null
},
{
"model": "websense web security",
"scope": "eq",
"trust": 0.8,
"vendor": "web sense",
"version": "7.6.2 hotfix 12"
},
{
"model": "websense web security",
"scope": "eq",
"trust": 0.8,
"vendor": "web sense",
"version": "7.5.1 hotfix 12"
},
{
"model": "web security gateway anywhere",
"scope": null,
"trust": 0.6,
"vendor": "websense",
"version": null
},
{
"model": "web filter",
"scope": null,
"trust": 0.6,
"vendor": "websense",
"version": null
},
{
"model": "web security gateway",
"scope": null,
"trust": 0.6,
"vendor": "websense",
"version": null
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "0"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "0"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "78338"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security:7.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security:7.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:websense:websense_web_security_gateway_anywhere:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5102"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "78338"
}
],
"trust": 0.3
},
"cve": "CVE-2011-5102",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-5102",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-53047",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-5102",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-447",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-53047",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors. A remote attacker could exploit this vulnerability to execute arbitrary commands through an unknown vector",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"db": "BID",
"id": "78338"
},
{
"db": "VULHUB",
"id": "VHN-53047"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-5102",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-447",
"trust": 0.7
},
{
"db": "BID",
"id": "78338",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-53047",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53047"
},
{
"db": "BID",
"id": "78338"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
]
},
"id": "VAR-201208-0647",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-53047"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:45:42.078000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "000005539",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-about-hotfix-24-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"title": "000005499",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-about-hotfix-12-for-websense-web-security-websense-web-filter-and-web-security-gateway"
},
{
"title": "000005537",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-about-hotfix-12-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"title": "000005597",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-5-about-hotfix-78-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"title": "000005536",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-about-hotfix-12-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"title": "000005550",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-1-about-hotfix-109-for-websense-web-security-web-filter-and-web-security-gateway"
},
{
"title": "000005538",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-about-hotfix-06-for-web-security-web-filter-and-web-security-gateway"
},
{
"title": "000005500",
"trust": 0.8,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-about-hotfix-24-for-websense-web-security-websense-web-filter-and-web-security-gateway"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"db": "NVD",
"id": "CVE-2011-5102"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-about-hotfix-06-for-web-security-web-filter-and-web-security-gateway"
},
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-1-about-hotfix-109-for-websense-web-security-web-filter-and-web-security-gateway"
},
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-about-hotfix-12-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-5-about-hotfix-78-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-about-hotfix-12-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-about-hotfix-12-for-websense-web-security-websense-web-filter-and-web-security-gateway"
},
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-about-hotfix-24-for-websense-web-security-web-filter-web-security-gateway-and-web-security-gateway-anywhere"
},
{
"trust": 2.0,
"url": "http://www.websense.com/support/article/kbarticle/v7-6-about-hotfix-24-for-websense-web-security-websense-web-filter-and-web-security-gateway"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5102"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5102"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53047"
},
{
"db": "BID",
"id": "78338"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-53047"
},
{
"db": "BID",
"id": "78338"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-53047"
},
{
"date": "2012-08-23T00:00:00",
"db": "BID",
"id": "78338"
},
{
"date": "2012-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"date": "2012-08-23T10:32:14.873000",
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"date": "2012-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-53047"
},
{
"date": "2012-08-23T00:00:00",
"db": "BID",
"id": "78338"
},
{
"date": "2012-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003850"
},
{
"date": "2012-08-23T14:54:47.093000",
"db": "NVD",
"id": "CVE-2011-5102"
},
{
"date": "2012-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Websense Product TRITON Management console command execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003850"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-447"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…