CVE-2008-7312

Name of the Vulnerable Software and Affected Versions Websense Enterprise versions 5.2 through 6.3

Description The issue allows remote attackers to bypass filtering via an HTTP request. This is because the Filtering Service does not consider the IP address during URL categorization. For example, a request to a compromised server associated with a specific IP address can be used to demonstrate this bypass.

Recommendations For Websense Enterprise versions 5.2 through 6.3, consider restricting access to the Filtering Service until a patch is available. As a temporary workaround, restrict the use of HTTP requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.