Bypassing Web Traffic Filtering and Monitoring via HTTP Via Header

Bypassing Web Traffic Filtering and Monitoring via HTTP Via Header

CVE-2010-5144 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header.

Learn more about our Web App Pen Testing.