3.5

CVE-2014-0347

EPSS 0.21%
Veröffentlicht 12.04.2014 04:37:31
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cret@cert.org
CVE-Watchlists
Login
Unerledigt
Login

The Settings module in Websense Triton Unified Security Center 7.7.3 before Hotfix 31, Web Filter 7.7.3 before Hotfix 31, Web Security 7.7.3 before Hotfix 31, Web Security Gateway 7.7.3 before Hotfix 31, and Web Security Gateway Anywhere 7.7.3 before Hotfix 31 allows remote authenticated users to read cleartext passwords by replacing type="password" with type="text" in an INPUT element in the (1) Log Database or (2) User Directories component.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Websense ≫ Triton Unified Security Center Version7.7.3

Websense ≫ Triton Web Filter Version7.7.3

Websense ≫ Triton Web Security Version7.7.3

Websense ≫ Triton Web Security Gateway Version7.7.3

Websense ≫ Triton Web Security Gateway Anywhere Version7.7.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.407

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:P/I:N/A:N

http://www.kb.cert.org/vuls/id/568252

US Government Resource

https://www.websense.com/content/mywebsense-hotfixes.aspx?patchid=894&prodidx=20&osidx=0&intidx=0&versionidx=0

https://nvd.nist.gov/vuln/detail/CVE-2014-0347

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0347

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0347

EUVD