header-logo
Suggest Exploit
vendor:
Websense Web Security Gateway Anywhere, Websense Web Security Gateway, Websense Web Security, Websense Web Filter
by:
Unknown
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: Websense Web Security Gateway Anywhere, Websense Web Security Gateway, Websense Web Security, Websense Web Filter
Affected Version From: Websense Web Security Gateway Anywhere 7.6, Websense Web Security Gateway 7.6, Websense Web Security 7.6, Websense Web Filter 7.6
Affected Version To:
Patch Exists: YES
Related CWE:
CPE: a:websense:web_security_gateway_anywhere:7.6,cpe:/a:websense:web_security_gateway:7.6,cpe:/a:websense:web_security:7.6,cpe:/a:websense:web_filter:7.6
Metasploit:
Other Scripts:
Platforms Tested:
2011

Authentication Bypass Vulnerability in Multiple Websense Products

The vulnerability allows remote attackers to bypass the authentication mechanism and gain unauthorized access.

Mitigation:

Apply the latest security patches provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/51087/info

Multiple Websense products are prone to an authentication-bypass vulnerability.

Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access.

The following Websense products are affected:

Websense Web Security Gateway Anywhere 7.6
Websense Web Security Gateway 7.6
Websense Web Security 7.6
Websense Web Filter 7.6 

https://www.example.com/explorer_wse/favorites.exe?startDate=2011-10-22&endDate=2011-10-23&action=def

Navigation

Suggest Exploit

Services By CQR