Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4605


Vulnerability Score 5.0 5.0
CVE Id CVE-2012-4605
Last Modified 17 Jan 2014 12:09:17
Published 23 Aug 2012 06:32:15
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.

Vulnerable Systems


  • Websense Email Security 6.1

  • Websense Email Security 7.0

  • Websense Email Security 7.1

  • Websense Email Security 7.2



XF - websense-smtp-info-disc(78131)

BID - 64758

Last Updated: 27 May 2016 11:00:18