Websense Email Security SMTP Component Weak SSL/TLS Ciphers
Medium Nessus Plugin ID 69517
SynopsisThe remote host has an email security application installed that is affected by an information disclosure vulnerability.
DescriptionThe version of Websense Email Security installed on the remote Windows host is earlier than 7.3 hotfix 6. As such, it is potentially affected by an information disclosure vulnerability. The application could use a weak SSL cipher suite, which could allow an attacker to obtain potentially sensitive information.
SolutionUpgrade to Websense Email Security 7.3 hotfix 6 and configure the SSLCipherSuite registry key as discussed in the advisory.