GCVE - cpe:2.3:a:websense:websense_email_security:6.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:websense:websense_email_security:6.1:*:*:*:*:*:*:*

part: a version: 6.1 update: *

Vendor	Websense (`189e1e28-a0ba-57a1-bac2-d762ced7857c`)
Product	Websense Email Security (`a958f8f9-7dcb-5cd9-9b2b-d3e3233d1762`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-4605`	vulnerable	2026-06-03 14:32:24.811079	Details available The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data. Published: 2012-08-23T10:00:00.000Z Updated: 2024-08-06T20:42:54.595Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/kbarticle/SSL-TLS-weak-and-export-ciphers-detected-in-Websense-Email-Security-deployments https://exchange.xforce.ibmcloud.com/vulnerabilities/78131 http://www.securityfocus.com/bid/64758	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-5131`	vulnerable	2026-06-03 14:30:01.373180	Details available The Receive Service in Websense Email Security before 7.1 does not recognize domain extensions in the blacklist, which allows remote attackers to bypass intended access restrictions and send e-mail messages via an SMTP session. Published: 2012-08-26T19:00:00.000Z Updated: 2024-09-17T01:26:58.724Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/t-kbarticle/Release-Notes-for-Websense-Email-Security-v7-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-5130`	vulnerable	2026-06-03 14:30:01.372874	Details available The Rules Service in Websense Email Security before 7.1 allows remote attackers to cause a denial of service (service crash) via an attachment with a crafted size. Published: 2012-08-26T19:00:00.000Z Updated: 2024-09-16T18:59:03.553Z Open on db.gcve.eu Reference links http://www.websense.com/support/article/t-kbarticle/Release-Notes-for-Websense-Email-Security-v7-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-5122`	vulnerable	2026-06-03 14:30:01.348527	Details available The Personal Email Manager component in Websense Email Security before 7.2 allows remote attackers to obtain potentially sensitive information from the JBoss status page via an unspecified query. Published: 2012-08-23T10:00:00.000Z Updated: 2024-08-07T07:32:22.229Z Open on db.gcve.eu Reference links http://www.websense.com/content/support/library/email/v72wes/release_notes/WES72_ReleaseNotes.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/78449	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Websense Email Security 6.1

PURL mappings

Vulnerability references

Contribute