CVE-2012-4604

2012-08-23T06:32:15
ID CVE-2012-4604
Type cve
Reporter NVD
Modified 2012-08-23T00:00:00

Description

The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe.