Security Advisory

CVE-2012-4604

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-08-23 10:00:00

Last updated 2024-09-16 20:47:54

Assigner mitre

State PUBLISHED

Description

The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe.

← Browse all CVEs View on cve.org ↗