Websense TRITON 7.8 Multiple Vulnerabilities

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote web server hosts an information security application with
multiple vulnerabilities.

Description :

The remote host is running Websense TRITON version 7.8.2 through
7.8.4. It is, therefore, potentially affected by multiple
vulnerabilities :

- Multiple cross-site scripting vulnerabilities exist in
the Investigative Reports due to a failure to properly
validate the input to the 'ReportName' parameter to the
Explorer report scheduler and the input to the 'col'
parameter to the Names and Anonymous summary report
pages. A remote attacker can exploit these
vulnerabilities to inject arbitrary script or HTML in
the user's browser session. (CVE-2014-9711)

- A stored cross-site scripting flaw exists due to a
failure to validate input to the sender address field
from an email when viewing audit log details. Websense
TRITON is affected only if the Email Security component
is installed. (CVE-2015-2702)

- Multiple cross-site scripting vulnerabilities exist due
to a failure to validate the input to the 'ws-encdata'
parameter of the 'moreBlockInfo.cgi' script in the Data
Security block page and the input to the 'admin_msg'
parameter to the 'client-cert-import_wsoem.html' in the
Content Gateway. A remote attacker can exploit these
vulnerabilities to inject arbitrary script or HTML in
the user's browser session. Websense TRITON is affected
only if the Web Security component is installed.
(CVE-2015-2703)

- A command injection flaw exists due to a failure to
validate the 'Destination' parameter of the
CommandLineServlet of the Appliance Manager interface.
An authenticated attacker can submit a specially crafted
request to the servlet resulting in arbitrary commands
being run as the root user on any V-Series appliances
being managed by Websense TRITON. Note that the commands
are executed on the appliance only and not the server
that Websense TRITON is running on. (CVE-2015-2746)

- Websense TRITON does not properly restrict access to
files in the 'explorer_wse/' path. A remote attacker, by
using a direct request to a Web Security incident report
or the Explorer configuration (websense.ini) file, can
thereby gain access to sensitive information. Websense
TRITON is affected only if the Web Security component is
installed. (CVE-2015-2748)

See also :

http://www.nessus.org/u?3bff864f
http://www.nessus.org/u?1605810b
http://www.nessus.org/u?f5915409
http://www.nessus.org/u?b4f2a526
http://www.nessus.org/u?35904cd7
http://www.nessus.org/u?d81ea8fc
http://www.nessus.org/u?c46d757d

Solution :

Some hotfixes have been released to address individual issues;
however, only updating to 8.0 resolves all the issues listed.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now