CVE-2008-4646

Published: Oct 22, 2008Modified: Apr 23, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database.

Affected (1)

Products: Websense: Enterpise

Websense

1 product

Enterpise

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Websense Enterpise	Version 6.3.2

Related CWEs

CWE-255

References (10)

http://secunia.com/advisories/32264

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/31746

Source: cve@mitre.org

http://www.securitytracker.com/id?1021058

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2819

Source: cve@mitre.org

http://www.zebux.org/pub/Advisory/Advisory_Websense_Reporter_Password_Disclosure_200810.txt

Source: cve@mitre.org

http://secunia.com/advisories/32264