CVE-2015-2746 in Appliance Managerinfo

Summary

The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command, as demonstrated by the Destination parameter in the ping command.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

03/26/2015

Disclosure

03/26/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
74490	Websense Appliance Manager Network Diagnostics Tool command injection	77	Proof-of-Concept	Official fix	CVE-2015-2746
74061	Websense Appliance Manager Network Diagnostics Tool CommandLineServlet command injection	77	High	Official fix	CVE-2015-2746

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!