AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2015-2771: The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allow

infovulnerability

security

Source: NVD/CVE DatabaseMarch 27, 2015CVE-2015-2771

Summary

Websense TRITON AP-EMAIL and V-Series appliances before version 8.0.0 stored login credentials in plaintext (unencrypted text readable by anyone), allowing remote attackers to steal this sensitive information. This is a serious flaw because plaintext credentials give attackers direct access to the mail server without needing to crack encrypted passwords.

Solution / Mitigation

Upgrade to Websense TRITON APX Version 8.0 or later, as referenced in the vendor advisory at http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0.

Vulnerability Details

CVSS Score

5

EPSS (30-day exploit probability)

EPSS: 0.2%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-200

CAPEC (Attack Pattern)

CAPEC-116

Original source: https://nvd.nist.gov/vuln/detail/CVE-2015-2771

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 95%