The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tumbleweed | messaging_management_system | 4.6 |
| tumbleweed | messaging_management_system | 4.5 |
| tumbleweed | messaging_management_system | 4.3 |
Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under "extremely heavy loads" and (2) cause an "increased number of missed spam" during "spam outbreaks."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tumbleweed | mailgate_email_firewall | 6.2 |
| tumbleweed | mailgate_email_firewall | 6.0 |
| tumbleweed | mailgate_email_firewall | 6.1 |