UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote malicious users to decrypt the administrative password using a hard-coded key in a Javascript function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
surfcontrol superscout web filter 3.0 |
||
surfcontrol web filter 4.1 |
||
surfcontrol superscout web filter 3.0.3 |
||
surfcontrol web filter 4.0 |