Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0706


Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0706
Last Modified 05 Sep 2008 04:28:44
Published 10 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function.

Vulnerable Systems


  • Surfcontrol Superscout Web Filter 3.0

  • Surfcontrol Superscout Web Filter 3.0.3

  • Surfcontrol Web Filter 4.0

  • Surfcontrol Web Filter 4.1


BUGTRAQ - 20021002 wp--02-0005: Multiple Vulnerabilities in SuperScout Web Reports Server


OSVDB - 3491

XF - superscout-webfilter-weak-encryption(10247)

Last Updated: 27 May 2016 10:37:02