CVE-2011-5102

{"id": "CVE-2011-5102", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-08-23T10:32:14.873", "references": [{"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."}, {"lang": "es", "value": "La interfaz web de informes de investigaci\u00f3n en la consola de gesti\u00f3n TRITON en Websense Web Security v7.1 before Hotfix 109, v7.1.1 before Hotfix 06, v7.5 anterior al parche v78, 7.5.1 anterior al parche v12, 7.6 anterior al parche v24, y v7.6.2 anterior al parche v12; Web Filter; Web Security Gateway; y Web Security Gateway Anywhere permite a atacantes remotos ejecutar comandos a trav\u00e9s de vectores no especificados."}], "lastModified": "2012-08-23T14:54:47.093", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:websense:websense_web_filter:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A8C57E4-31F8-4E16-B56A-9E119D418D1F"}, {"criteria": "cpe:2.3:a:websense:websense_web_security:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E936379-C123-43B7-BFDC-BAEFADF2378F"}, {"criteria": "cpe:2.3:a:websense:websense_web_security:7.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "161E18C4-3302-4420-8A1C-FB08B043D536"}, {"criteria": "cpe:2.3:a:websense:websense_web_security:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72741B37-B3E8-48B5-956E-FF455642531D"}, {"criteria": "cpe:2.3:a:websense:websense_web_security:7.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "756CE82D-8583-441F-A9DB-6E0EAB6EDA3F"}, {"criteria": "cpe:2.3:a:websense:websense_web_security:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B942647-F266-44A3-ABD5-89B4D3FB4DF7"}, {"criteria": "cpe:2.3:a:websense:websense_web_security:7.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D90E8ED-5986-4DB3-ACE6-48A6C684B080"}, {"criteria": "cpe:2.3:a:websense:websense_web_security_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73267B0B-22A6-492E-B89E-4AFD13A662CC"}, {"criteria": "cpe:2.3:a:websense:websense_web_security_gateway_anywhere:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D56C1D61-4AE2-48FD-A7B4-F83153996A89"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}