CVE Vulnerability

CVE-2008-7312

The Filtering Service in Websense Enterprise 5.2 through 6.3 does not consider the IP address during URL categorization, which makes it easier for remote attackers to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server associated with a specific IP address.

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://www.websense.com/support/article/t-kbarticle/Why-doesn-t-my-Websense-installation-categorize-URLs-and-Permit-Block-in-accordance-with-the-Site-Lookup-Tool-s-categorization Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/78299
Configurations

Configuration 1

cpe:2.3:a:websense:enterprise:6.3:*:*:*:*:*:*:*
cpe:2.3:a:websense:enterprise:5.2:*:*:*:*:*:*:*
cpe:2.3:a:websense:enterprise:6.2:*:*:*:*:*:*:*
cpe:2.3:a:websense:enterprise:6.1:*:*:*:*:*:*:*
cpe:2.3:a:websense:enterprise:5.5:*:*:*:*:*:*:*
Information

Published : 2012-08-23 10:32

Updated : 2017-08-29 01:29

NVD link : CVE-2008-7312

Mitre link : CVE-2008-7312

Products Affected
No products.
CWE
CWE-20