Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7312

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-7312
Last Modified 01 Apr 2013 10:45:17
Published 23 Aug 2012 06:32:14
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7312

Summary

The Filtering Service in Websense Enterprise 5.2 through 6.3 does not consider the IP address during URL categorization, which makes it easier for remote attackers to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server associated with a specific IP address.

Vulnerable Systems

Application

  • Websense Enterprise 5.2

  • Websense Enterprise 5.5

  • Websense Enterprise 6.1

  • Websense Enterprise 6.2

  • Websense Enterprise 6.3


References

CONFIRM - http://www.websense.com/support/article/t-kbarticle/Why-doesn-t-my-Websense-installation-categorize-URLs-and-Permit-Block-in-accordance-with-the-Site-Lookup-Tool-s-categorization

XF - websense-filtering-sec-bypass(78299)


Last Updated: 27 May 2016 11:02:08