Multiple Vulnerabilities in Websense TRITON V-Series

ITS Advisory Number: 2015-034
Date(s) Issued: Wednesday, April 1, 2015
Subject: Multiple Vulnerabilities in Websense TRITON V-Series
Overview: 
Multiple vulnerabilities have been discovered in the software of Websense TRITON V-Series appliances, which could allow an attacker to take complete control of an affected system. Websense TRITON V-Series appliances are built on a preconfigured, security-hardened platform designed to support flexible deployment of security solutions. Successful exploitation of these vulnerabilities could allow remote code execution on the device or result in denial-of-service conditions.
Systems Affected: 
  • Websense TRITON V-Series prior to 8.0.0
RISK
GOVERNMENT
Large and medium government entities: High
Small government entities: High
BUSINESS
Large and medium business entities: High
Small business entities: High
Home Users: N/A
Description: 

Multiple vulnerabilities have been discovered in Websense TRITON V-Series that may result in remote code execution. They are as follows:

  • Cross-Site Request Forgery (CSRF) in command line page (CVE-2015-2770) - A vulnerability in the command line page of Websense TRITON V-Series that allows remote attackers to hijack the authentication of unspecified victims.
  • Mail Server Accepts Plaintext Credentials QualysGuard Potential Vulnerability (CVE-2015-2771) - The mail server accepts credentials transmitted in plaintext, which may allow an attacker able to intercept the traffic to obtain sensitive information.
  • Unspecified Arbitrary File Upload Vulnerability (CVE-2015-2772) - An unspecified file-upload vulnerability that an attacker could leverage to upload arbitrary files to the affected machine, resulting in code execution.
  • Unspecified Arbitrary File Read Vulnerability (CVE-2015-2773) - An unspecified vulnerability that could allow an attacker to read arbitrary files in the context of the user running the application.
Actions: 

We recommend the following actions be taken:

  • Apply appropriate patches provided by Websense to vulnerable systems immediately after appropriate testing.
  • Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
  • Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.