10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
High
0.054 Low
EPSS
Percentile
93.2%
Multiple serious vulnerabilities have been found in Websense products. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute or inject arbitrary code, spoof user interface and read or write arbitrary files.
Below is a complete list of vulnerabilities
Public exploits exist for this vulnerability.
CVE-2015-2747 warning
CVE-2015-2746 high
CVE-2014-9711 warning
CVE-2015-2748 critical
CVE-2015-2703 warning
CVE-2015-2702 warning
CVE-2015-2761 warning
CVE-2015-2762 critical
CVE-2014-9712 warning
CVE-2015-2763 critical
CVE-2015-2764 warning
CVE-2015-2773 critical
CVE-2015-2767 critical
CVE-2015-2768 warning
CVE-2015-2765 warning
CVE-2015-2766 critical
CVE-2015-2771 critical
CVE-2015-2772 critical
CVE-2015-2769 high
CVE-2015-2770 high
Update to the latest version
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Code injection. Exploitation of vulnerabilities with this impact can lead to changes in target code.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some inaccessible files. Files that can be read depends on concrete program errors.
Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some inaccessible files. Files that can be read depends on conсrete program errors.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
statistics.securelist.com/
threats.kaspersky.com/en/product/TRITON-AP-DATA/
threats.kaspersky.com/en/product/TRITON-AP-EMAIL/
threats.kaspersky.com/en/product/TRITON-AP-WEB/
threats.kaspersky.com/en/product/TRITON-V-Series/
threats.kaspersky.com/en/product/Web-Security-and-Filter/
threats.kaspersky.com/en/product/Web-Security-Gateway-Anywhere/
threats.kaspersky.com/en/product/Web-Security-Gateway/