CVE-2008-4646

The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database.

Published: Oct 22, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-4646
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
websense / enterpise	6.3.2	6.3.2.x

http://secunia.com/advisories/32264
http://www.securityfocus.com/bid/31746
http://www.securitytracker.com/id?1021058
http://www.vupen.com/english/advisories/2008/2819
http://www.zebux.org/pub/Advisory/Advisory_Websense_Reporter_Password_Disclosure_200810.txt

Vulnerability Database

290,020

CVE-2008-4646