This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote Windows host has an email security application installed
with weak session ID generation.
The version of Trend Micro ScanMail for Exchange (SMEX) installed on
the remote Windows host is affected by a flaw in its bundled web-based
user interface due to insufficient complexity in the generation of
session IDs. A remote attacker, by more easily guessing the session
ID, can use an authenticated user's session to gain access to the web
See also :
Apply 11.0 Hot Fix Build 4180 / 10.2 Hot Fix Build 3318.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false