AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2012-4604: The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentica

infovulnerability

security

Source: NVD/CVE DatabaseAugust 23, 2012CVE-2012-4604

Summary

CVE-2012-4604 is a flaw in Websense Web Security's TRITON management console that allows attackers to bypass authentication (the process of verifying a user's identity) and access reports they shouldn't see by manipulating cookie fields, specifically the uid and userRoles parameters. The vulnerability affects versions before 7.6 Hotfix 24.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.2%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-287

CAPEC (Attack Pattern)

CAPEC-114

Original source: https://nvd.nist.gov/vuln/detail/CVE-2012-4604

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 95%