CVE-2010-5144
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header.
El complemento ISAPI Filter de Websense Enterprise, Websense Web Security y Websense Web Filter v6.3.3 y versiones anteriores, cuando se utiliza junto a Microsoft ISA o con el servidor Microsoft Forefront TMG, permite a atacantes remotos evitar la filtración establecida y monitorizar actividades para el tráfico web a través de la cabecera HTTP.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-08-23 CVE Reserved
- 2012-08-23 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0376.html | 2024-09-16 | |
| http://mrhinkydink.blogspot.com/2010/05/websense-633-via-bypass.html | 2024-09-16 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Websense Search vendor "Websense" | Websense Search vendor "Websense" for product "Websense" | <= 6.3.3 Search vendor "Websense" for product "Websense" and version " <= 6.3.3" | enterprise |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Search vendor "Websense" for product "Websense" | 6.3.0 Search vendor "Websense" for product "Websense" and version "6.3.0" | enterprise |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Search vendor "Websense" for product "Websense" | 6.3.1 Search vendor "Websense" for product "Websense" and version "6.3.1" | enterprise |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Web Security Search vendor "Websense" for product "Websense Web Security" | 6.3.0 Search vendor "Websense" for product "Websense Web Security" and version "6.3.0" | - |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Web Security Search vendor "Websense" for product "Websense Web Security" | 6.3.1 Search vendor "Websense" for product "Websense Web Security" and version "6.3.1" | - |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Web Security Search vendor "Websense" for product "Websense Web Security" | 6.3.3 Search vendor "Websense" for product "Websense Web Security" and version "6.3.3" | - |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Web Filter Search vendor "Websense" for product "Websense Web Filter" | <= 6.3.3 Search vendor "Websense" for product "Websense Web Filter" and version " <= 6.3.3" | - |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Web Filter Search vendor "Websense" for product "Websense Web Filter" | 6.3.0 Search vendor "Websense" for product "Websense Web Filter" and version "6.3.0" | - |
Affected
| ||||||
| Websense Search vendor "Websense" | Websense Web Filter Search vendor "Websense" for product "Websense Web Filter" | 6.3.1 Search vendor "Websense" for product "Websense Web Filter" and version "6.3.1" | - |
Affected
| ||||||