ID CVE-2015-2770 Type cve Reporter NVD Modified 2015-03-30T15:46:53
Description
Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
{"reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 6.8}, "vulnersScore": 6.8}, "published": "2015-03-27T10:59:18", "cvelist": ["CVE-2015-2770"], "title": "CVE-2015-2770", "objectVersion": "1.2", "type": "cve", "hash": "aa8004fb3717728be0f5e97b07d2af73341460ef82beb78fae0b65489cb7b37c", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2770", "bulletinFamily": "NVD", "id": "CVE-2015-2770", "history": [], "scanner": [], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "modified": "2015-03-30T15:46:53", "viewCount": 0, "cpe": ["cpe:/a:websense:v-series_appliances:7.7"], "edition": 1, "description": "Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.", "references": ["http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"], "lastseen": "2016-09-03T22:24:11", "assessment": {"system": "", "name": "", "href": ""}}
{"kaspersky": [{"lastseen": "2018-09-13T06:46:53", "references": [], "description": "### *CVSS*:\n10.0\n\n### *Detect date*:\n03/25/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Websense products. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute or inject arbitrary code, spoof user interface and read or write arbitrary files.\n\n### *Affected products*:\nWebsense TRITON AP-WEB versions earlier than 8.0.0 \nWebsense TRITON V-Series versions earlier than 8.0.0 \nWebsense TRITON AP-EMAIL versions earlier than 8.0.0 \nWebsense Web Security and Filter 7.8.3 versions earlier than hotfix 02 \nWebsense Web Security and Filter 7.8.4 versions earlier than hotfix 01 \nWebsense Web Security Gateway 7.8.3 versions earlier than hotfix 02 \nWebsense Web Security Gateway 7.8.4 versions earlier than hotfix 01 \nWebsense Web Security Gateway Anywhere 7.8.3 versions earlier than hotfix 02 \nWebsense Web Security Gateway Anywhere 7.8.4 versions earlier than hotfix 01 \nWebsense TRITON AP-DATA versions earlier than 8.0.0\n\n### *Solution*:\nUpdate to the latest version\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Web Security Gateway Anywhere](<https://threats.kaspersky.com/en/product/Web-Security-Gateway-Anywhere/>)\n\n### *CVE-IDS*:\n[CVE-2015-2747](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2747>) \n[CVE-2015-2746](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2746>) \n[CVE-2014-9711](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9711>) \n[CVE-2015-2748](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2748>) \n[CVE-2015-2703](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2703>) \n[CVE-2015-2702](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2702>) \n[CVE-2015-2761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2761>) \n[CVE-2015-2762](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2762>) \n[CVE-2014-9712](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9712>) \n[CVE-2015-2763](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2763>) \n[CVE-2015-2764](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2764>) \n[CVE-2015-2773](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2773>) \n[CVE-2015-2767](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2767>) \n[CVE-2015-2768](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2768>) \n[CVE-2015-2765](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2765>) \n[CVE-2015-2766](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2766>) \n[CVE-2015-2771](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2771>) \n[CVE-2015-2772](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2772>) \n[CVE-2015-2769](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2769>) \n[CVE-2015-2770](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2770>)", "edition": 13, "reporter": "Kaspersky Lab", "published": "2015-03-25T00:00:00", "title": "\r KLA10506Multiple vulnerabilities in Websense products ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2015-2768", "CVE-2015-2746", "CVE-2015-2771", "CVE-2015-2764", "CVE-2015-2761", "CVE-2014-9711", "CVE-2015-2763", "CVE-2015-2747", "CVE-2015-2702", "CVE-2015-2762", "CVE-2015-2773", "CVE-2015-2769", "CVE-2015-2767", "CVE-2014-9712", "CVE-2015-2770", "CVE-2015-2772", "CVE-2015-2748", "CVE-2015-2765", "CVE-2015-2766", "CVE-2015-2703"], "modified": "2018-09-10T00:00:00", "id": "KLA10506", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10506", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
