cbcvebase.
CVE-2015-2748
published 2015-03-26

CVE-2015-2748: Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information…

PriorityP425medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.29%
81.0th percentile
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.

Affected

4 ranges
VendorProductVersion rangeFixed in
websensetriton_ap_data<= 7.8.3
websensetriton_ap_email<= 7.8.3
websensetriton_ap_web<= 7.8.3
websensev-series_appliances<= 7.7
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.