{"vuid":"VU#568252","idnumber":"568252","name":"Websense Triton Unified Security Center 7.7.3 information disclosure vulnerability","keywords":["Websense","Triton Unified Security Center","information disclosure","cwe-200"],"overview":"Websense Triton Unified Security Center 7.7.3 and possibly earlier versions contains an information disclosure vulnerability which could allow an authenticated attacker to view stored credentials of a possibly higher privileged user.","clean_desc":"CWE-200: Information Exposure\nWhen logged into the Websense Triton Unified Security Center 7.7.3 and possibly earlier versions with any permission level, it is possible to navigate to the “Log Database” or “User Directories” portions of the “Settings” module. In either section, it is possible to use a web browser to “Inspect Elements” within the page. Password blocks are initially hashed within the page using the following form variable: <input type=”password” id=”logDatabaseSettings:password” name =”logDatabaseSettings:password” maxlength=”50· size=”21·> However, due to the lack of proper form construction and hashing of password credentials, it is possible to change the string to the following and reload the page: <input type=”text” id=”logDatabaseSettings:password” name =”logDatabaseSettings:password” maxlength=”50· size=”21·> Allowing the password credentials to be displayed in plain-text, along with the associated username.","impact":"An authenticated attacker can view stored credentials of a possibly higher privileged user.","resolution":"Update It has been reported that the vendor has addressed this vulnerability in Triton Unified Security Center 7.7.3 Hotfix 31. Affected users are advised to update to Triton Unified Security Center 7.7.3 Hotfix 31 or later. The vendor has stated that the following products have also been updated to address this vulnerability. Web Security Gateway Anywhere v7.7.3 Hotfix 31\nWeb Security Gateway v7.7.3 Hotfix 31\nWebsense Web Security v7.7.3 Hotfix 31\nWebsense Web Filter v7.7.3 Hotfix 31\nWindows and Websense V-Series appliances Additional information can be found in Websense V7.7.3 HF31 Manager Password Vulnerability issue advisory.","workarounds":"","sysaffected":"","thanks":"Thanks to Patrick Kelley of Critical Assets for reporting this vulnerability.","author":"This document was written by Michael Orlando.","public":["https://www.websense.com/content/web-security-gateway-anywhere-features.aspx","https://www.websense.com/content/mywebsense-hotfixes.aspx?patchid=894&prodidx=20&osidx=0&intidx=0&versionidx=0","http://cwe.mitre.org/data/definitions/200.html"],"cveids":["CVE-2014-0347"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2014-01-28T10:30:31Z","publicdate":"2014-03-24T00:00:00Z","datefirstpublished":"2014-04-07T17:09:31Z","dateupdated":"2014-04-07T17:09:32Z","revision":17,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"M","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"N","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"L","cvss_targetdistribution":"L","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"3.5","cvss_basevector":"AV:N/AC:M/Au:S/C:P/I:N/A:N","cvss_temporalscore":"2.9","cvss_environmentalscore":"0.895239516355","cvss_environmentalvector":"CDP:L/TD:L/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}