The default configuration of the SMTP component in Websense Email Security 6.1 up to and including 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
websense websense email security 7.0 |
||
websense websense email security 7.2 |
||
websense websense email security 7.1 |
||
websense websense email security 6.1 |