CVE-2008-4646

2008-10-2122:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database.

References

secunia.com/advisories/32264

www.securityfocus.com/bid/31746

www.securitytracker.com/id?1021058

www.vupen.com/english/advisories/2008/2819

www.zebux.org/pub/Advisory/Advisory_Websense_Reporter_Password_Disclosure_200810.txt