The Settings module in Websense Triton Unified Security Center 7.7.3 before Hotfix 31, Web Filter 7.7.3 before Hotfix 31, Web Security 7.7.3 before Hotfix 31, Web Security Gateway 7.7.3 before Hotfix 31, and Web Security Gateway Anywhere 7.7.3 before Hotfix 31 allows remote authenticated users to read cleartext passwords by replacing type="password" with type="text" in an INPUT element in the (1) Log Database or (2) User Directories component.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/568252 | US Government Resource |
https://www.websense.com/content/mywebsense-hotfixes.aspx?patchid=894&prodidx=20&osidx=0&intidx=0&versionidx=0 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2014-04-12T01:00:00
Updated: 2014-04-12T01:57:00
Reserved: 2013-12-05T00:00:00
Link: CVE-2014-0347
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-04-12T04:37:31.377
Modified: 2014-04-14T17:39:34.860
Link: CVE-2014-0347
JSON object: View
Redhat Information
No data.
CWE