First published: Thu Aug 23 2012(Updated: )
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Websense Websense Web Security | =7.0 | |
Websense Websense Web Filter | =7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.