First published: Thu Aug 23 2012(Updated: )
The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Websense Websense Email Security | =6.1 | |
Websense Websense Email Security | =6.1-sp1 | |
Websense Websense Email Security | =7.0 | |
Websense Websense Email Security | =7.1 | |
Websense Websense Email Security | =7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.