GCVE - cpe:2.3:a:websense:v-series_appliances:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:websense:v-series_appliances:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Websense (`189e1e28-a0ba-57a1-bac2-d762ced7857c`)
Product	V Series Appliances (`ee83dbf4-c910-516f-a101-8ade8aef2b0e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2015-2773`	vulnerable	2026-06-03 14:34:47.789327	Details available SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to read arbitrary files via unspecified vectors. Published: 2015-03-27T14:00:00.000Z Updated: 2024-08-06T05:24:38.734Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 http://www.securityfocus.com/bid/73406	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-2772`	vulnerable	2026-06-03 14:34:47.789058	Details available SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors. Published: 2015-03-27T14:00:00.000Z Updated: 2024-08-06T05:24:38.840Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 http://www.securityfocus.com/bid/73439	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-2771`	vulnerable	2026-06-03 14:34:47.788816	Details available The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors. Published: 2015-03-27T14:00:00.000Z Updated: 2024-08-06T05:24:38.949Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 http://www.securityfocus.com/bid/73428	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-2770`	vulnerable	2026-06-03 14:34:47.788538	Details available Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Published: 2015-03-27T14:00:00.000Z Updated: 2024-09-17T04:13:59.720Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-2748`	vulnerable	2026-06-03 14:34:47.703605	Details available Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file. Published: 2015-03-26T14:00:00.000Z Updated: 2024-08-06T05:24:38.460Z Open on db.gcve.eu Reference links http://packetstormsecurity.com/files/130901/Websense-Explorer-Missing-Access-Control.html http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 http://www.securityfocus.com/archive/1/534913/100/0/threaded https://www.securify.nl/advisory/SFY20140909/missing_access_control_on_websense_explorer_web_folder.html http://seclists.org/fulldisclosure/2015/Mar/107	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-2746`	vulnerable	2026-06-03 14:34:47.702775	Details available The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command, as demonstrated by the Destination parameter in the ping command. Published: 2015-03-26T14:00:00.000Z Updated: 2024-08-06T05:24:38.446Z Open on db.gcve.eu Reference links https://www.securify.nl/advisory/SFY20140906/command_injection_vulnerability_in_network_diagnostics_tool_of_websense_appliance_manager.html http://packetstormsecurity.com/files/130899/Websense-Appliance-Manager-Command-Injection.html http://www.websense.com/support/article/kbarticle/October-2014-Hotfix-Summary-for-Websense-Solutions http://seclists.org/fulldisclosure/2015/Mar/104 https://www.exploit-db.com/exploits/36423/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9712`	vulnerable	2026-06-03 14:34:28.092685	Details available Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path. Published: 2015-03-27T14:00:00.000Z Updated: 2024-08-06T13:55:04.487Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/kbarticle/v7-8-4-About-Hotfix-01-for-V-Series-Appliance http://www.securityfocus.com/bid/73417 http://www.websense.com/support/article/kbarticle/v7-8-3-About-Hotfix-03-for-V-Series-Appliance	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.