Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-5131
HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-5131

2022-10-0316:24:01
CWE-264
[email protected]
web.nvd.nist.gov
18
cve-2009-5131
websense email security
receive service
domain extensions
blacklist
remote attackers
access restrictions
smtp session

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

JSON

The Receive Service in Websense Email Security before 7.1 does not recognize domain extensions in the blacklist, which allows remote attackers to bypass intended access restrictions and send e-mail messages via an SMTP session.

Affected configurations

NVD
Node
websensewebsense_email_securityRange7.0
OR
websensewebsense_email_securityMatch6.1
OR
websensewebsense_email_securityMatch6.1sp1

Related

prion 1
nvd 1
cvelist 1
prion
prion
Session fixation
2012-08-26 19:55:00
nvd
nvd
CVE-2009-5131
2012-08-26 19:55:01
cvelist
cvelist
CVE-2009-5131
2022-10-03 16:24:01

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

JSON
Related for CVE-2009-5131
prion1nvd1cvelist1