Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-2748

EPSS 0.30% · P54
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-2748

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Websense TRITON AP-WEB 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Websense TRITON AP-WEB是美国Websense公司的一套Web安全解决方案。该方案可使本地、远程和移动员工无缝访问Web资源,并实时防护高级威胁和数据窃取。 Websense TRITON AP-WEB 8.0.0之前版本中存在安全漏洞,该漏洞源于程序没有正确限制对explorer_wse/ URI中的文件的访问。远程攻击者可通过向Web Security事件报告文件或Explorer configuration(websense.ini)文件发送直接的请求利用该漏洞获取敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2015-2748

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2015-2748

登录查看更多情报信息。

Same Patch Batch · n/a · 2015-03-26 · 24 CVEs total

CVE-2015-0641Cisco IOS XE 拒绝服务漏洞
CVE-2015-0673Cisco Mobility Services Engine 安全漏洞
CVE-2015-0672Cisco IOS XR DHCPv4服务器拒绝服务漏洞
CVE-2015-0650Cisco IOS和IOS XE Service Discovery Gateway 拒绝服务漏洞
CVE-2015-0649Cisco IOS 拒绝服务漏洞
CVE-2015-0648Cisco IOS 资源管理错误漏洞
CVE-2015-0647Cisco IOS 输入验证漏洞
CVE-2015-0646Cisco IOS和IOS XE TCP输入模块内存泄露漏洞
CVE-2015-0645Cisco IOS XE Layer 4 Redirect 拒绝服务漏洞
CVE-2015-0644Cisco IOS XE AppNav 安全漏洞
CVE-2015-0643Cisco IOS和IOS XE 拒绝服务漏洞
CVE-2015-0642Cisco IOS和IOS XE 拒绝服务漏洞
CVE-2015-0279Red Hat JBoss RichFaces 安全漏洞
CVE-2015-0640Cisco IOS XE high-speed logging 拒绝服务漏洞
CVE-2015-0639Cisco IOS XE Common Flow Table 拒绝服务漏洞
CVE-2015-0638Cisco IOS 拒绝服务漏洞
CVE-2015-0637Cisco IOS和IOS XE Autonomic Networking Infrastructure 输入验证漏洞
CVE-2015-0636Cisco IOS和IOS XE Autonomic Networking Infrastructure 输入验证漏洞
CVE-2015-0635Cisco IOS和IOS XE Autonomic Networking Infrastructure 输入验证漏洞
CVE-2015-2747Websense TRITON和V-Series 跨站脚本漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2015-2748

No comments yet

Leave a comment