Vulnerability Note VU#568252
Websense Triton Unified Security Center 7.7.3 information disclosure vulnerability
Original Release date: 07 Apr 2014 | Last revised: 07 Apr 2014
Websense Triton Unified Security Center 7.7.3 and possibly earlier versions contains an information disclosure vulnerability which could allow an authenticated attacker to view stored credentials of a possibly higher privileged user.
CWE-200: Information Exposure
When logged into the Websense Triton Unified Security Center 7.7.3 and possibly earlier versions with any permission level, it is possible to navigate to the “Log Database” or “User Directories” portions of the “Settings” module. In either section, it is possible to use a web browser to “Inspect Elements” within the page.
Password blocks are initially hashed within the page using the following form variable:
<input type=”password” id=”logDatabaseSettings:password” name =”logDatabaseSettings:password” maxlength=”50· size=”21·>
However, due to the lack of proper form construction and hashing of password credentials, it is possible to change the string to the following and reload the page:
<input type=”text” id=”logDatabaseSettings:password” name =”logDatabaseSettings:password” maxlength=”50· size=”21·>
Allowing the password credentials to be displayed in plain-text, along with the associated username.
An authenticated attacker can view stored credentials of a possibly higher privileged user.
It has been reported that the vendor has addressed this vulnerability in Triton Unified Security Center 7.7.3 Hotfix 31. Affected users are advised to update to Triton Unified Security Center 7.7.3 Hotfix 31 or later.
The vendor has stated that the following products have also been updated to address this vulnerability.
Web Security Gateway Anywhere v7.7.3 Hotfix 31
Web Security Gateway v7.7.3 Hotfix 31
Websense Web Security v7.7.3 Hotfix 31
Websense Web Filter v7.7.3 Hotfix 31
Windows and Websense V-Series appliances
Additional information can be found in Websense V7.7.3 HF31 Manager Password Vulnerability issue advisory.
Vendor Information (Learn More)
VendorStatusDate NotifiedDate UpdatedWebSenseAffected28 Jan 201425 Mar 2014If you are a vendor and your product is affected, let
CVSS Metrics (Learn More)
Thanks to Patrick Kelley of Critical Assets for reporting this vulnerability.
This document was written by Michael Orlando.
24 Mar 2014
Date First Published:
07 Apr 2014
Date Last Updated:
07 Apr 2014
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email.