CVE-2015-2770
medium
CVSS v3
—
CVSS v2
6.8
VIR risk
6.8
Description
Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| websense | v-series_appliances | {"endIncluding":"7.7"} | |
References
CWEs
CWE-352
Verify integrity in audit chain (admin only). AS-IS.