Websense TRITON 7.8 Multiple Vulnerabilities
Medium Nessus Plugin ID 83739
SynopsisThe remote web server hosts an information security application with multiple vulnerabilities.
DescriptionThe remote host is running Websense TRITON version 7.8.2 through 7.8.4. It is, therefore, potentially affected by multiple vulnerabilities :
- Multiple cross-site scripting vulnerabilities exist in the Investigative Reports due to a failure to properly validate the input to the 'ReportName' parameter to the Explorer report scheduler and the input to the 'col' parameter to the Names and Anonymous summary report pages. A remote attacker can exploit these vulnerabilities to inject arbitrary script or HTML in the user's browser session. (CVE-2014-9711)
- A stored cross-site scripting flaw exists due to a failure to validate input to the sender address field from an email when viewing audit log details. Websense TRITON is affected only if the Email Security component is installed. (CVE-2015-2702)
- Multiple cross-site scripting vulnerabilities exist due to a failure to validate the input to the 'ws-encdata' parameter of the 'moreBlockInfo.cgi' script in the Data Security block page and the input to the 'admin_msg' parameter to the 'client-cert-import_wsoem.html' in the Content Gateway. A remote attacker can exploit these vulnerabilities to inject arbitrary script or HTML in the user's browser session. Websense TRITON is affected only if the Web Security component is installed.
- A command injection flaw exists due to a failure to validate the 'Destination' parameter of the CommandLineServlet of the Appliance Manager interface.
An authenticated attacker can submit a specially crafted request to the servlet resulting in arbitrary commands being run as the root user on any V-Series appliances being managed by Websense TRITON. Note that the commands are executed on the appliance only and not the server that Websense TRITON is running on. (CVE-2015-2746)
- Websense TRITON does not properly restrict access to files in the 'explorer_wse/' path. A remote attacker, by using a direct request to a Web Security incident report or the Explorer configuration (websense.ini) file, can thereby gain access to sensitive information. Websense TRITON is affected only if the Web Security component is installed. (CVE-2015-2748)
SolutionSome hotfixes have been released to address individual issues;
however, only updating to 8.0 resolves all the issues listed.