exploitDog

CVE-2012-4605

Опубликовано: 23 авг. 2012

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:websense:websense_email_security:6.1:*:*:*:*:*:*:*

cpe:2.3:a:websense:websense_email_security:6.1:sp1:*:*:*:*:*:*

cpe:2.3:a:websense:websense_email_security:7.0:*:*:*:*:*:*:*

cpe:2.3:a:websense:websense_email_security:7.1:*:*:*:*:*:*:*

cpe:2.3:a:websense:websense_email_security:7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.0026

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-89ph-4mm5-c325

github

больше 3 лет назад

The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.

EPSS

Процентиль: 49%

0.0026

Низкий

5 Medium

CVSS2

Дефекты

CWE-200