CVE-2009-5131

2022-10-0316:24:01

mitre

www.cve.org

websense email security

receive service

blacklist bypass

access restrictions

smtp

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.0%

JSON

The Receive Service in Websense Email Security before 7.1 does not recognize domain extensions in the blacklist, which allows remote attackers to bypass intended access restrictions and send e-mail messages via an SMTP session.

References

www.websense.com/support/article/t-kbarticle/Release-Notes-for-Websense-Email-Security-v7-1