This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote web server contains a web application that is affected by
an information disclosure vulnerability.
The remote application is running Websense Triton Unified Security
Center, a component of the commercial suite of web filtering products.
The remote instance of Websense Triton Unified Security Center fails
to sanitize user-supplied input data in the 'Log Database' and 'User
Directories' areas of the 'Settings' component. This error could allow
an authenticated attacker to obtain credential information belonging
to other users and possibly those owning higher privileges.
See also :
There are no known workarounds or upgrades to correct this issue.
Websense has released the following Hotfixes to address this
- Web Security Gateway Anywhere v7.7.3 Hotfix 31
- Web Security Gateway v7.7.3 Hotfix 31
- Websense Web Security v7.7.3 Hotfix 31
- Websense Web Filter v7.7.3 Hotfix 31
Risk factor :
Low / CVSS Base Score : 3.5
CVSS Temporal Score : 3.0
Public Exploit Available : false