CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 2CVE-2010-5144
https://notcve.org/view.php?id=CVE-2010-5144
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header. El complemento ISAPI Filter de Websense Enterprise, Websense Web Security y Websense Web Filter v6.3.3 y versiones anteriores, cuando se utiliza junto a Microsoft ISA o con el servidor Microsoft Forefront TMG, permite a atacantes remotos evitar la filtración establecida y monitorizar actividades para el tráfico web a través de la cabecera HTTP. • http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html http://www.websense.com/support/article/t-kbarticle/Web-Security-Vulnerability-Microsoft-ISA-Server-Integrations • CWE-264: Permissions, Privileges, and Access Controls •