[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-5144Date: (C)2012-08-23   (M)2023-12-22


The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html
http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html
http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations

CPE    7
cpe:/a:websense:websense_web_filter:6.3.1
cpe:/a:websense:websense_web_filter:6.3.0
cpe:/a:websense:websense:6.3.1:-:enterprise
cpe:/a:websense:websense:6.3.0:-:enterprise
...
CWE    1
CWE-264

© SecPod Technologies