CVE-2015-2748 in Web Securityinfo

Summary

Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

03/26/2015

Disclosure

03/26/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
74492Websense Web Security Explorer explorer_wse information disclosure200Not definedOfficial fixCVE-2015-2748
74094Websense Triton JSP URL Source information disclosure200UnprovenOfficial fixCVE-2015-2748

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!